[Replying to everyone at once.]

Yes, this is how I wanted to implement the per-process securebits thing.
This is also half of my original patch (from last year).

The recent cap_bset changes have been implemented via prctl(), but in
that case the bset setting is done in the main kernel code and only
really honored in the capability LSM. This doesn't seem very modular to
me, and this prctl patch has the potential for better containing the
modularity for that code too.

Since it is potentially useful for other LSMs, I thought I would break
it out to give it more visibility/discussion and to get a better sense
of whether it was acceptable or not.

So far the objection (thanks Stephen for the historical context!) seems
to be "potential for abuse":
~ <[EMAIL PROTECTED]>
[PATCH] remove sys_security
I've been auditing the LSM stuff a bit more..
They have registered and implemented a syscall, sys_security
that does nothing but switch into the individual modules
based on the first argument, i.e. it's ioctl() switching
on the security module instead of device node. Yuck.
Patch below removes it (no intree users), maybe selinux/etc
folks should send their actual syscall for review instead..
Since SELinux is now 'in-tree', is this class of objection now moot?
Thanks
Andrew
Serge E. Hallyn wrote:
| Quoting Andrew Morgan ([EMAIL PROTECTED]):
|> Hi,
|>
|> Attached is a quick RFC patch for modifying the way the LSMs handle
|> prctl() checks. Currently, the only thing LSMs can do with prctl() calls
|> is add more restrictions to their use than the default kernel.
|>
|> What this patch does is make it possible for an LSM to fake a successful
|> prctl() call, and also support LSM-specific prctl()s; ones that are only
|> supported when the particular LSM is loaded.
|>
|> Please comment
|
| Like Casey, I'm wondering what you need this for? Is this to make the
| per-process securebits patch cleaner?
|
| thanks,
| -serge