Re: [RFC 0/5] [TALPA] Intro to a linux interface for on access scanning

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
From: Paul Moore
Date: Wednesday, August 6, 2008 - 7:18 am

On Tuesday 05 August 2008 11:00:31 pm Casey Schaufler wrote:

I still don't understand how that is any different from a file or some 
other resource, local or remote.  Assuming a single security label 
(tag, mark, mode, etc.) on an entity on which you wish to apply an 
access control decision the problem boils down to how do you 
internalize the security label in such a way that it can be useful for 
the security mechanism(s).  In the case of a single LSM you do this 
once, in the case of multiple, stacked LSMs you do this multiple times.

With multiple security markings on an entity then you have to decide if 
you want to consider every marking at each LSM instance, or a subset.  
The complexity in this case does go up dramatically, but I think the 
key point for our discussion is that it doesn't matter if the entity is 
a file or a packet.


Once again, these points apply equally to files as they do to packets.

-- 
paul moore
linux @ hp
--
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linux inte ..., David Collier-Brown, (Wed Aug 6, 4:31 am)
Sidebar to [malware-list] [RFC 0/5] [TALPA] Intro to a lin ..., David Collier-Brown, (Wed Aug 6, 4:40 am)
Re: [RFC 0/5] [TALPA] Intro to a linux interface for on ac ..., Paul Moore, (Wed Aug 6, 7:18 am)
Re: [malware-list] [RFC 0/5] [TALPA] Intro to a linuxinter ..., David Collier-Brown, (Mon Aug 11, 9:11 am)