Seems that an unauthorized user can send file through sockets due to
the following missing check errors.
There is not security_file_permission() check from sys_splice(),
which can invoke sock_sendpage(). The call chain is as follows.
sys_splice -> do_splice -> do_splice_from -> generic_splice
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
KaiGai Kohei wrote:
> Serge E. Hallyn wrote:
>> Kaigai, Andrew, I believe you are maintaining competing versions
>> of libcap, http://code.google.com/p/libcap/ and
>> http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
>>
>> -serge
>
From: Paul Moore <[EMAIL PROTECTED]>
Add a new set of configuration functions to the NetLabel/LSM API so that
LSMs can perform their own configuration of the NetLabel subsystem without
relying on assistance from userspace.
Signed-off-by: Paul Moore <[EMAIL PROTECTED]>
---
include/net/netlabel.h
This is version 11 of the Simplified Mandatory Access Control Kernel.
The whole thing as available on the Smack home page at
http://schaufler-ca.com
The attachments to this message are not kernel code.
They are early versions of the smackload and smackcipso
programs, and are included in the
Serge E. Hallyn wrote:
Kaigai, Andrew, I believe you are maintaining competing versions
of libcap, http://code.google.com/p/libcap/ and
http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
-serge
Please tell me the repository path of Andrew Morgan's libcap.
I'll post the patc
re-sent due to a typo in addressing.
AppArmor Security Goal
Crispin Cowan, PhD
MercenaryLinux.com
This document is intended to specify the security goal that AppArmor is
intended to achieve, so that users can evaluate whether AppArmor will
meet their needs, and kernel developers can evaluate whet
AppArmor Security Goal
Crispin Cowan, PhD
MercenaryLinux.com
This document is intended to specify the security goal that AppArmor is
intended to achieve, so that users can evaluate whether AppArmor will
meet their needs, and kernel developers can evaluate whether AppArmor is
living up to its claim
Christoph Hellwig wrote:
> On Thu, Nov 08, 2007 at 07:04:23AM +0900, Tetsuo Handa wrote:
>> The reason why I want to access namespace_sem inside security_inode_create()
>> is that
>> it doesn't receive "struct vfsmount" parameter.
>> If "struct vfsmount" *were* passed to security_inode_create(),
Kaigai, Andrew, I believe you are maintaining competing versions
of libcap, http://code.google.com/p/libcap/ and
http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
-serge
Quoting Andrew Morgan ([EMAIL PROTECTED]):
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Andrew, S