Stephen Smalley <[EMAIL PROTECTED]> writes:
>> > If the ctl_table supplied more information about the functional purpose >> > and the security sensitivity of the sysctl, then we could leverage that >> > information instead, as long as we can at least derive the current >> > labelings from that information for compatibility. >> >> What do information do you need to do need? Do you need extra fields in > sysctl? >> I am more than willing to help but I am not familiar enough with selinux >> to do a reasonable job on my own. > > At present, we map the sysctls into functional groups (e.g. net, vm, > fs, ...) that parallel the sysctl hierarchy so that we can limit access > to only those programs/processes that need access for their purpose, and > further partition where it makes sense to do so. We also separate out > particularly security sensitive ones like modprobe and hotplug. So if > the ctl_table carried some indication of functional grouping and > security relevance (for some relatively small number of equivalence > classes), then we could map those to labels instead of the current > scheme. And if we could have the ctl_table inherit the information from > its logical "parent" in the hierarchy by default, then it shouldn't > require too invasive a patch. Ok. So basically what you need is a parent pointer or some other way of getting the full sysctl_path. All of the names that show up in /proc are still present in the ctl_table. Hmm. In parse_table we actually call sysctl_perm at each path component, I'm not doing that in proc_sysctl.c at the moment but that would be easy to add. I think I will look at adding the back pointers. Adding the security check during lookup is nice but it won't really give you the context you could use. There may be a point in adding a security check during lookup as well, but I think the way the VFS works there are weird implications there. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
