Quoting James Morris ([EMAIL PROTECTED]):
> On Wed, 27 Jun 2007, Serge E. Hallyn wrote:
>
> > Patch tests fine for me for expected capability behavior with lsm=n,
> > lsm=y, lsm=y+capability=y, lsm=y+selinux=y, and lsm=y+caps=y+selinux=y.
> >
> > So while I'm opposed to the patch, it appears to b
On Wed, 27 Jun 2007, Serge E. Hallyn wrote:
> Patch tests fine for me for expected capability behavior with lsm=n,
> lsm=y, lsm=y+capability=y, lsm=y+selinux=y, and lsm=y+caps=y+selinux=y.
>
> So while I'm opposed to the patch, it appears to be safe.
I've also tested a bunch of scenarios: allmod
Quoting Serge E. Hallyn ([EMAIL PROTECTED]):
> Quoting James Morris ([EMAIL PROTECTED]):
> > On Wed, 27 Jun 2007, Serge E. Hallyn wrote:
> >
> > > Quoting Kyle Moffett ([EMAIL PROTECTED]):
> > > > This whole discussion boils down to 2 points:
> > >
> > > Yes it can, but not the two you list.
> >
Quoting James Morris ([EMAIL PROTECTED]):
> On Wed, 27 Jun 2007, Serge E. Hallyn wrote:
>
> > Quoting Kyle Moffett ([EMAIL PROTECTED]):
> > > This whole discussion boils down to 2 points:
> >
> > Yes it can, but not the two you list.
> >
> > > 1) As currently implemented, no LSM may be safely
On Wed, 27 Jun 2007, Serge E. Hallyn wrote:
> Quoting Kyle Moffett ([EMAIL PROTECTED]):
> > This whole discussion boils down to 2 points:
>
> Yes it can, but not the two you list.
>
> > 1) As currently implemented, no LSM may be safely rmmod-ed
>
> That's not the rationale for the patch, it's
Quoting Kyle Moffett ([EMAIL PROTECTED]):
> This whole discussion boils down to 2 points:
Yes it can, but not the two you list.
> 1) As currently implemented, no LSM may be safely rmmod-ed
That's not the rationale for the patch, it's just some talking point you
picked up. The rationale for th
* Crispin Cowan ([EMAIL PROTECTED]) wrote:
> and simple LSMs that can be
> unloaded safely can permit it.
there are none, and making the above possible is prohibitively
expensive.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED
On Jun 26, 2007, at 20:57:53, Crispin Cowan wrote:
Kyle Moffett wrote:
Let's go over the differences between "my fs" and "my LSM", and
the similarities between "my VM" and "my LSM": Filesystems don't
get hooked from virtually every userspace-initiated operation,
whereas both VMs and LSMs d
Kyle Moffett wrote:
> Let's go over the differences between "my fs" and "my LSM", and the
> similarities between "my VM" and "my LSM": Filesystems don't get
> hooked from virtually every userspace-initiated operation, whereas
> both VMs and LSMs do. VMs and LSMs attach anonymous state data to a
>
On Jun 26, 2007, at 09:47:12, Serge E. Hallyn wrote:
Quoting Kyle Moffett ([EMAIL PROTECTED]):
On Jun 25, 2007, at 16:37:58, Andreas Gruenbacher wrote:
It's useful for some LSMs to be modular, and LSMs which are y/n
options won't have any security architecture issues with
unloading at all. T
On Tue, Jun 26, 2007 at 10:53:29AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > On Tue, Jun 26, 2007 at 09:06:44AM -0500, Serge E. Hallyn wrote:
> > > Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > > > On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
>
Quoting Greg KH ([EMAIL PROTECTED]):
> On Tue, Jun 26, 2007 at 09:06:44AM -0500, Serge E. Hallyn wrote:
> > Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > > On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> > > > Quoting James Morris ([EMAIL PROTECTED]):
> > > > > On Mon, 25 Jun 2007
On Tue, Jun 26, 2007 at 09:06:44AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> > > Quoting James Morris ([EMAIL PROTECTED]):
> > > > On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> > > >
> > > > >
Quoting Adrian Bunk ([EMAIL PROTECTED]):
> On Tue, Jun 26, 2007 at 09:06:44AM -0500, Serge E. Hallyn wrote:
> > Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > > On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> > > > Quoting James Morris ([EMAIL PROTECTED]):
> > > > > On Mon, 25 Jun
On Tue, Jun 26, 2007 at 09:06:44AM -0500, Serge E. Hallyn wrote:
> Quoting Adrian Bunk ([EMAIL PROTECTED]):
> > On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> > > Quoting James Morris ([EMAIL PROTECTED]):
> > > > On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> > > >
> > > > >
Quoting Adrian Bunk ([EMAIL PROTECTED]):
> On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> > Quoting James Morris ([EMAIL PROTECTED]):
> > > On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> > >
> > > > It's useful for some LSMs to be modular, and LSMs which are y/n options
> >
Quoting Kyle Moffett ([EMAIL PROTECTED]):
> On Jun 25, 2007, at 16:37:58, Andreas Gruenbacher wrote:
> >On Monday 25 June 2007 06:33, James Morris wrote:
> >>Convert LSM into a static interface, as the ability to unload a
> >>security module is not required by in-tree users and potentially
> >>
On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> Quoting James Morris ([EMAIL PROTECTED]):
> > On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> >
> > > It's useful for some LSMs to be modular, and LSMs which are y/n options
> > > won't
> > > have any security architecture issu
Oops, typo:
On Jun 26, 2007, at 00:09:24, Kyle Moffett wrote:
This sounds suspiciously like "The mere fact that the Linux-2.6-VM
cannot be built as a module is a rather weak argument for disabling
VFS modules as a whole"
Meant to say: "...disabling VM modules as a whole."
Cheers,
Kyle Moff
On Jun 25, 2007, at 16:37:58, Andreas Gruenbacher wrote:
On Monday 25 June 2007 06:33, James Morris wrote:
Convert LSM into a static interface, as the ability to unload a
security module is not required by in-tree users and potentially
complicates the overall security architecture.
It's use
Quoting James Morris ([EMAIL PROTECTED]):
> On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
>
> > It's useful for some LSMs to be modular, and LSMs which are y/n options
> > won't
> > have any security architecture issues with unloading at all.
>
> Which LSMs? Upstream, there are SELinux and
On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> It's useful for some LSMs to be modular, and LSMs which are y/n options won't
> have any security architecture issues with unloading at all.
Which LSMs? Upstream, there are SELinux and capability, and they're not
safe as loadable modules.
> Th
On Monday 25 June 2007 06:33, James Morris wrote:
> Convert LSM into a static interface, as the ability to unload a security
> module is not required by in-tree users and potentially complicates the
> overall security architecture.
It's useful for some LSMs to be modular, and LSMs which are y/n
On Mon, 2007-06-25 at 00:33 -0400, James Morris wrote:
> Convert LSM into a static interface, as the ability to unload a security
> module is not required by in-tree users and potentially complicates the
> overall security architecture.
>
> Needlessly exported LSM symbols have been unexported, t
On Sun, 24 Jun 2007, Petr Vandrovec wrote:
> > -module_param(debug, bool, 0600);
> > -MODULE_PARM_DESC(debug, "Debug enabled or not");
> > +static int __init root_plug_debug(char *str)
> > +{
> > + debug = simple_strtol(str, NULL, 0);
> > + return 1;
> > +}
> > +__setup("root_plug_debug=", roo
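Review bot: In root_plug_debug(), `debug = simple_strtol(str, NULL, 0);` stores whatever integer the boot string parses to, where the removed `module_param(debug, bool, 0600)` only took a boolean, and the NULL end pointer means trailing characters after the number go unnoticed. Consider normalising the result to 0 or 1 (for example with `!!`) before assigning it. The hunk also drops MODULE_PARM_DESC and the 0600 parameter that root could change at runtime, so the new root_plug_debug= boot option needs a description in the boot-parameter documentation, and the changelog should state that debug is now settable only at boot.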
James Morris wrote:
Convert LSM into a static interface, as the ability to unload a security
module is not required by in-tree users and potentially complicates the
overall security architecture.
Hello,
-module_param(debug, bool, 0600);
-MODULE_PARM_DESC(debug, "Debug enabled or not");
+stat
Convert LSM into a static interface, as the ability to unload a security
module is not required by in-tree users and potentially complicates the
overall security architecture.
Needlessly exported LSM symbols have been unexported, to help reduce API
abuse.
Parameters for the capability and root_
27 matches