Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: Andreas Gruenbacher <agruen@...>
Cc: Stephen Smalley <sds@...>, Pavel Machek <pavel@...>, <jjohansen@...>, <linux-kernel@...>, <linux-security-module@...>, <linux-fsdevel@...>
Date: Friday, June 8, 2007 - 8:17 pm

On Sat, Jun 09, 2007 at 12:03:57AM +0200, Andreas Gruenbacher wrote:

Woah, that describes the userspace side of AA just fine, it means
nothing when it comes to the in-kernel implementation.  There is no
reason that you can't implement the same functionality using some
totally different in-kernel solution if possible.


I am still not completely certian that we can not properly implement AA
functionality using a SELinux backend solution.  Yes, the current tools
that try to implement this are still lacking, and maybe the kernel needs
to change, but that is possible.

I still want to see a definition of the AA "model" that we can then use
to try to implement using whatever solution works best.  As that seems
to be missing the current argument of if AA can or can not be
implemented using SELinux or something totally different should be
stopped.

So, AA developers, do you have such a document anywhere?  I know there
are some old research papers, do they properly describe the current
model you are trying to implement here?

thanks,

greg k-h
-
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Mon Jun 4, 5:03 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Fri Jun 8, 6:03 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Greg KH, (Fri Jun 8, 8:17 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Sat Jun 9, 11:17 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Tue Jun 12, 1:03 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Thu Jun 21, 11:54 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 12:08 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 3:35 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 3:24 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 3:54 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Fri Jun 22, 8:42 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Tue Jun 26, 4:50 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 5:17 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Fri Jun 22, 6:49 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 8:19 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Fri Jun 22, 7:37 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Fri Jun 22, 8:54 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Lars Marowsky-Bree, (Thu Jun 21, 4:21 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Fri Jun 22, 5:59 am)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Thu Jun 21, 12:01 pm)
Re: [AppArmor 39/45] AppArmor: Profile loading and manipulat..., Andreas Gruenbacher, (Sat Jun 9, 11:05 am)