Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

Christoph Hellwig (hch@infradead.org)
Wed, 23 Apr 2003 20:26:15 +0100


On Wed, Apr 23, 2003 at 03:17:57PM -0400, Stephen Smalley wrote:
> On Wed, 2003-04-23 at 14:45, Christoph Hellwig wrote:
> > Randomly userland shouldn't deal with these xattrs. Remember you are
> > talking about the ondisk represenation of your labelling - nothing
> > but the labelling tools should ever touch it.
>
> Not true. ls should be able to display the security label. find should
> be able to locate files that have specific security labels. cp should
> be able to preserve the security label on copies. logrotate should be
> able to preserve the security label when rotating logs. crond should be
> able to check the security label on a crontab spool file to verify
> consistency with the user's credentials with which the cron job will
> run. login/sshd need to set the security label on the user's terminal
> device. You'll find plenty of examples of patched userland in SELinux,
> but none of these patches are specific to a particular set of security
> attributes. They just handle them as strings.

And all these should _not_ happen in the actual tools but in a
pluggable security module (something like pam). Encoding any security
policy and especially a xattr name in those utils is bad.

And see, you start to contradict what you said before - with your
suggestion cron has to know what the label means, so your selinux
cron would do stupid things with say may Posix 1003.1e MAC filesystem.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/