On śro, 2015-05-27 at 10:12 -0500, Eric W. Biederman wrote:
> Lukasz Pawelczyk writes:
> > On wto, 2015-05-26 at 22:13 -0500, Eric W. Biederman wrote:
> >> In particular there should be
> >> little to no need to keep pestering the system administrator for more
> >> identifiers.
> >
> > This all de
Lukasz Pawelczyk writes:
> On wto, 2015-05-26 at 22:13 -0500, Eric W. Biederman wrote:
>> Lukasz Pawelczyk writes:
>>
>> > Hello,
>> >
>> > Some time ago I sent a Smack namespace documentation and a preliminary
>> > LSM namespace for RFC. I've been suggested that there shouldn't be a
>> > separ
On 05/27/2015 05:36 AM, Lukasz Pawelczyk wrote:
> On wto, 2015-05-26 at 10:35 -0400, Stephen Smalley wrote:
>> On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
>>> --- Usage ---
>>>
>>> Smack namespace is written using LSM hooks inside user namespace. That
>>> means it's connected to it.
>>>
>>> To
On 5/27/2015 2:29 AM, Lukasz Pawelczyk wrote:
> On wto, 2015-05-26 at 18:04 -0700, Casey Schaufler wrote:
>> On 5/25/2015 5:32 AM, Lukasz Pawelczyk wrote:
>>> Hello,
>>>
>>> Some time ago I sent a Smack namespace documentation and a preliminary
>>> LSM namespace for RFC. I've been suggested that th
On wto, 2015-05-26 at 22:13 -0500, Eric W. Biederman wrote:
> Lukasz Pawelczyk writes:
>
> > Hello,
> >
> > Some time ago I sent a Smack namespace documentation and a preliminary
> > LSM namespace for RFC. I've been suggested that there shouldn't be a
> > separate LSM namespace and that it should
On wto, 2015-05-26 at 10:35 -0400, Stephen Smalley wrote:
> On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
> > --- Usage ---
> >
> > Smack namespace is written using LSM hooks inside user namespace. That
> > means it's connected to it.
> >
> > To create a new Smack namespace you need to unshare(
On wto, 2015-05-26 at 18:04 -0700, Casey Schaufler wrote:
> On 5/25/2015 5:32 AM, Lukasz Pawelczyk wrote:
> > Hello,
> >
> > Some time ago I sent a Smack namespace documentation and a preliminary
> > LSM namespace for RFC. I've been suggested that there shouldn't be a
> > separate LSM namespace and
Lukasz Pawelczyk writes:
> Hello,
>
> Some time ago I sent a Smack namespace documentation and a preliminary
> LSM namespace for RFC. I've been suggested that there shouldn't be a
> separate LSM namespace and that it should live within user namespace.
> And this version does. This is a complete s
On 5/25/2015 5:32 AM, Lukasz Pawelczyk wrote:
> Hello,
>
> Some time ago I sent a Smack namespace documentation and a preliminary
> LSM namespace for RFC. I've been suggested that there shouldn't be a
> separate LSM namespace and that it should live within user namespace.
> And this version does. T
On wto, 2015-05-26 at 12:34 -0400, Stephen Smalley wrote:
> > On wto, 2015-05-26 at 10:35 -0400, Stephen Smalley wrote:
> >> On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
> >
> > I call the inode operation by hand in the post_setxattr.
> >
> > The label will effectively be set twice, which is n
On 05/26/2015 12:27 PM, Lukasz Pawelczyk wrote:
> Hi,
>
> Thanks for taking the interest and commenting on this.
> Replies below.
>
>
> On wto, 2015-05-26 at 10:35 -0400, Stephen Smalley wrote:
>> On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
>>> --- Design ideas ---
>>>
>>> "Smack namespace"
Hi,
Thanks for taking the interest and commenting on this.
Replies below.
On wto, 2015-05-26 at 10:35 -0400, Stephen Smalley wrote:
> On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
> > --- Design ideas ---
> >
> > "Smack namespace" is rather "Smack labels namespace" as not the whole
> > MAC is
On 05/25/2015 08:32 AM, Lukasz Pawelczyk wrote:
> --- Design ideas ---
>
> "Smack namespace" is rather "Smack labels namespace" as not the whole
> MAC is namespaced, only the labels. There is a great analogy between
> Smack labels namespace and the user namespace part that remaps UIDs.
>
> The id
Hello,
Some time ago I sent a Smack namespace documentation and a preliminary
LSM namespace for RFC. I've been suggested that there shouldn't be a
separate LSM namespace and that it should live within user namespace.
And this version does. This is a complete set of patches required for
Smack names
14 matches
Mail list logo
