Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

Stephen Smalley (sds@epoch.ncsc.mil)
24 Apr 2003 16:07:22 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kenneth Johansson: "Re: Flame Linus to a crisp!"
Previous message: Stephen Smalley: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
In reply to: Stephen Smalley: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"

On Thu, 2003-04-24 at 15:47, Chris Wright wrote:
> Yes, there was also some mention of the permission issue w.r.t. HSM and
> (i vaguely recall) an xattr interface proposed that noted if the request was
> internal from the kernel (skip the capable check) or on behalf of user.
> If this were carried through, it could suffice, no?

You still wouldn't want the security check implemented in the xattr
handler (even for calls on behalf of user processes), because it will
differ depending on the security module and may require the full
contextual information (process and inode). Effectively, you would have
to just implement a call from the xattr handler to the security module,
and we already have hook calls from the [gs]etxattr system call code to
the security module to support such permission checking for user
processes.

-- Stephen Smalley <sds@epoch.ncsc.mil> National Security Agency

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Kenneth Johansson: "Re: Flame Linus to a crisp!"
Previous message: Stephen Smalley: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
In reply to: Stephen Smalley: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"