| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 28 May 2010 01:51:47 +0500 From: Shaz <shazalive@...il.com> To: linux-kernel@...r.kernel.org Cc: securityengineeringresearchgroup <securityengineeringresearchgroup@...glegroups.com> Subject: Fwd: Default security module feature of 2.6.34 ---------- Forwarded message ---------- From: Stephen Smalley <sds@...ho.nsa.gov> Date: Fri, May 28, 2010 at 1:44 AM Subject: Re: Default security module feature of 2.6.34 To: Shaz <shazalive@...il.com> Cc: selinux <selinux@...ho.nsa.gov> On Fri, 2010-05-28 at 01:28 +0500, Shaz wrote: > On Fri, May 28, 2010 at 12:27 AM, Stephen Smalley <sds@...ho.nsa.gov> wrote: > > On Thu, 2010-05-27 at 22:12 +0500, Shaz wrote: > >> Dear all, > >> > >> I saw the default security feature in linux-2.6.34 and wanted to know > >> what difference does it make to have linux DAC or selinux as the > >> default security module? > > > > It doesn't appear to change anything. Not sure if that was the intent. > > > > The purpose of the option was to allow specification of what security > > module to enable at boot by default when multiple security modules are > > built into the kernel and no security= parameter was specified on the > > kernel command line. Mostly useful for distributions who want to ship a > > single kernel that can support any security module and default to a > > particular one. So for example you could compile SELinux, Smack, and > > TOMOYO into your kernel while defaulting to enabling TOMOYO at boot > > time, letting the user optionally select SELinux or Smack via the > > security= kernel parameter. > > > > I think the DAC setting was just to reflect the fact that if you don't > > enable anything else, you'll get DAC by default. But to make that > > option actually select DAC-only at boot (i.e. not enable any of security > > modules), it would have to set the DEFAULT_SECURITY string to some > > non-empty string that doesn't match any security module name rather than > > to the empty string. > > If selinux is chosen at default then what would be the effect? Would > LSM be invoked before DAC checks? If not then this kernel > configuration scheme needs to be corrected. No, it doesn't have anything to do with when the check is applied; it just affects which security module is enabled by default at boot if multiple security modules are built into your kernel. DEFAULT_SECURITY_DAC is likely meant to disable all security modules (DAC isn't a security module), falling back to only the default DAC logic. In which case the Kconfig file does need to be fixed. -- Stephen Smalley National Security Agency -- Shaz -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists