Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Kentaro Takeda

Subject: Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions.

Date: Wednesday, October 1, 2008 - 1:23 am

Valdis.Kletnieks@vt.edu wrote:
quoted text> On Tue, 30 Sep 2008 19:33:32 PDT, Casey Schaufler said:
>> I have always believed that MAC should come first, then DAC, because
>> MAC may care if you can see the mode bits. The current DAC before MAC
>> is an artifact of the desire for the LSM to behave cleanly as a
>> strictly additional mechanism. From an ideal security perspective
>> MAC should be first, but the pragmatic DAC first isn't going to cause
>> too much grief. If Tomoyo wants to do what I think is the right thing,
>> well, it's OK with me.
> I'm OK with the MAC going first as well
Current implementation is as follows.
- security_path_*: MAC before DAC
- security_inode_*: DAC before MAC
I can understand Casey and Valdis' MAC first approach from the ideal 
security perspective. However, from the pragmatic perspective, we 
prefer DAC before MAC approach as SELinux does. This approach doesn't 
change error code returned to callers if requested access is denied 
by DAC.

Regards,

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Wed Sep 24, 2:03 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Thu Sep 25, 9:59 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Thu Sep 25, 10:38 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Fri Sep 26, 6:04 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Sun Sep 28, 9:04 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Tue Sep 30, 8:45 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Stephen Smalley, (Tue Sep 30, 9:14 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Tue Sep 30, 9:23 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Casey Schaufler, (Tue Sep 30, 7:33 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Valdis.Kletnieks, (Tue Sep 30, 10:05 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Wed Oct 1, 1:19 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Wed Oct 1, 1:23 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Wed Oct 1, 2:15 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Wed Oct 1, 10:04 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Thu Oct 2, 6:39 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Thu Oct 2, 11:37 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Fri Oct 3, 6:09 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Sun Oct 5, 7:19 pm)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Serge E. Hallyn, (Mon Oct 6, 9:54 am)

Re: [TOMOYO #9 (2.6.27-rc7-mm1) 1/6] LSM adapter functions., Kentaro Takeda, (Mon Oct 6, 11:28 pm)


linux-kernel:
Eberhard Moenkeberg	Re: OT: character encodings (was: Linux 2.6.20-rc4)
Andy Walls	Re: [PATCH 11/32] v4l/cx18: update workqueue usage
Thomas Gleixner	[patch -mm 19/28] x86_64: Use generic cmos update
Casey Schaufler	Re: [PATCH] Smack: Simplified Mandatory Access Control Kernel
Pierre Ossman	Re: sdio: enhance IO_RW_EXTENDED support
git:
Mark Junker	git on MacOSX and files with decomposed utf-8 file names
Pat Thoyts	[PATCH] git-gui: use themed tk widgets with Tk 8.5
Michael Witten	Re: 'git gc --aggressive' effectively unusable
Petko Manolov	git and binary files
Dan Chokola	Re: how do you "force a pull"?
git-commits-head:
Linux Kernel Mailing List	V4L/DVB (8018): Add em2860 chip ID
Linux Kernel Mailing List	[ARM] unconditionally define __virt_to_phys and __phys_to_virt
Linux Kernel Mailing List	ACPICA: Fix to allow zero-length ASL field declarations
Linux Kernel Mailing List	tracing: Simplify trace_option_write()
Linux Kernel Mailing List	ARM: Add Versatile Express SMP support
linux-netdev:
David Miller	Re: [PATCH 32/53] netns xfrm: finding policy in netns
Jean-Louis Dupond	Re: tg3 driver not advertising 1000mbit
Jan Engelhardt	[PATCH 1/3] net: tcp: make hybla selectable as default congestion module
David Miller	Re: [PATCH] IPv6: preferred lifetime of address not getting updated
Matt Mackall	Re: [regression] nf_iterate(), BUG: unable to handle kernel NULL pointer dereference
openbsd-misc:
Samuel Baldwin	Re: Forum engine
Robert	disklabel - cylinder rounding
nixlists	Re: Which laptops do the developers use?
L. V. Lammert	OT, .. but has anyone seen a crontab editor
Darrin Chandler	Re: That whole "Linux stealing our code" thing