Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Peter Dolding <oiaohm@...>

Cc: <casey@...>, Toshiharu Harada <haradats@...>, Crispin Cowan <crispin@...>, <linux-kernel@...>, <linux-security-module@...>

Subject: Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

Date: Monday, November 5, 2007 - 2:56 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter Dolding wrote:
quoted text> On 11/1/07, Casey Schaufler <casey@schaufler-ca.com> wrote:
>> --- Peter Dolding <oiaohm@gmail.com> wrote:
>> Posix capabilities predate SELinux. SELinux is not interested in
>> Posix capabilities.
>>
>>> But no IBM had to do it.
>> Err, no. It was done by Andrew Morgan back in the dark ages.
>> Why on earth do you think IBM did it?
> 
> Posix file capabilities the option to replace SUID bit with something
> more security safe only handing out segments of root power instead of
> the complete box and dice like SUID.  Even different on a user by user
> base.
> 
> Posix capabilites is what Posix file capabilities is based on.  Yes I
> know the words appear close.  The word file is important.  Please read
> Website.  http://www.ibm.com/developerworks/linux/library/l-posixcap.html

For the record, I think you are both right. I took a stab at it back
when Casey and I first met:

ftp://ftp.kernel.org/pub/linux/libs/security/linux-privs/old/kernel-2.4-fcap/README

all that stuff worked fine it was just a bit ahead of its time...

- From memory, at that point in time "extended attributes" were an
external patch, and having some trouble getting merged. My sense was
that EA was a pre-requisite and I was happy to wait for that support to
become integrated before pushing my file capability support.

In the midst of all this LSM emerged as a reaction to Linus' clear
unhappiness about all extensions security. I didn't have the time to
participate in the LSM, and my work sat in the form of these patches.

SELinux at that time existed as a separate infrastructure, and evidently
did have the time to embrace LSM.

quoted text> IBM coders worked and got it into the main line really recently to
> provide at least some way to avoid fault of SUID of course it could

[...]

So, yes, IBM (Serge) deserve full credit for starting over, and getting
it merged...

Cheers

Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFHLr6EQheEq9QabfIRAsOrAJ9XzTL0Lqm5jaxwO6UoPB9Pwh3SzQCfVWFd
cPyjsGp/s6D6HuBE6M4NJH0=
=G/ah
-----END PGP SIGNATURE-----
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Rob Meijer, (Mon Oct 29, 3:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Mon Oct 29, 4:27 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Mon Oct 29, 3:41 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Tue Oct 30, 1:13 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 2:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Tue Oct 30, 7:38 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Tue Oct 30, 8:16 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Tue Oct 30, 10:21 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Wed Oct 31, 2:43 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Wed Oct 31, 6:10 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Wed Oct 31, 10:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 31, 10:20 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Wed Oct 31, 10:51 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Andrew Morgan, (Mon Nov 5, 2:56 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Serge E. Hallyn, (Mon Nov 5, 9:29 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Thu Nov 1, 3:17 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David Newall, (Thu Nov 1, 7:49 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Sat Nov 3, 9:28 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Wed Oct 31, 5:03 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Wed Oct 31, 1:08 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Tue Oct 30, 11:43 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Tue Oct 30, 3:14 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 3:50 pm)

Defense in depth: LSM *modules*, not a static interface, Cliffe, (Tue Oct 30, 3:14 am)

Re: Defense in depth: LSM *modules*, not a static interface, Simon Arlott, (Tue Oct 30, 8:30 am)

Re: Defense in depth: LSM *modules*, not a static interface, Crispin Cowan, (Mon Nov 5, 11:46 pm)

Re: Defense in depth: LSM *modules*, not a static interface, Cliffe, (Tue Nov 6, 3:26 am)

Re: Defense in depth: LSM *modules*, not a static interface, Peter Dolding, (Tue Nov 6, 7:59 pm)

Re: Defense in depth: LSM *modules*, not a static interface, Cliffe, (Tue Nov 6, 11:50 pm)

Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Tue Nov 6, 11:35 pm)

Re: Defense in depth: LSM *modules*, not a static interface, Tetsuo Handa, (Wed Nov 7, 12:11 am)

Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Wed Nov 7, 12:34 am)

Re: Defense in depth: LSM *modules*, not a static interface, Peter Dolding, (Wed Nov 7, 12:34 am)

Re: Defense in depth: LSM *modules*, not a static interface, Al Viro, (Tue Oct 30, 2:55 am)

Re: Defense in depth: LSM *modules*, not a static interface, Crispin Cowan, (Tue Oct 30, 3:55 am)

Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Tue Oct 30, 11:01 am)

Re: Defense in depth: LSM *modules*, not a static interface, Cliffe, (Tue Oct 30, 4:00 am)


linux-kernel:
Stephen Smalley	Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching
Tarkan Erimer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Jan Engelhardt	intel iommu (Re: -mm merge plans for 2.6.23)
Greg Kroah-Hartman	[PATCH 005/196] Chinese: add translation of SubmittingDrivers
git:

linux-activists:
David Fenyes	sigsetmask()? (LINUX)
Stephen Tweedie	Unmounting root (no kidding!) [was: Some Linux problems---solved]
Les Andrzejewski	X386/WD90C31/SUMSUNG SYNC MASTER 4
Doug Evans	Re: Stabilizing Linux
linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Linus Torvalds	Re: [GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Herbert Xu	Re: [PATCH] myr10ge: again fix lro_gen_skb() alignment

Re: Linux Security Module Framework (Was: LSM conversion to static interface)

Online users