| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 Jun 2010 19:23:03 -0700 From: Casey Schaufler <casey@...aufler-ca.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> CC: Theodore Tso <tytso@....EDU>, Alan Cox <alan@...rguk.ukuu.org.uk>, Kees Cook <kees.cook@...onical.com>, Randy Dunlap <rdunlap@...otime.net>, James Morris <jmorris@...ei.org>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Jiri Kosina <jkosina@...e.cz>, Dave Young <hidave.darkstar@...il.com>, Martin Schwidefsky <schwidefsky@...ibm.com>, Roland McGrath <roland@...hat.com>, Oleg Nesterov <oleg@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, David Howells <dhowells@...hat.com>, Ingo Molnar <mingo@...e.hu>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, linux-doc@...r.kernel.org, Stephen Smalley <sds@...ho.nsa.gov>, Daniel J Walsh <dwalsh@...hat.com>, linux-security-module@...r.kernel.org Subject: Re: [PATCH] ptrace: allow restriction of ptrace scope Eric W. Biederman wrote: > Theodore Tso <tytso@....EDU> writes: > > >> i think we really need to have stacked LSM's, ! >> because there is a large set >> of people who will never use SELinux. Every few years, I take another >> look at SELinux, my head explodes with the (IMHO unneeded complexity), >> and I go away again... >> >> Yet I would really like a number of features such as this ptrace scope idea --- >> which I think is a useful feature, and it may be that stacking is the only >> way we can resolve this debate. The SELinux people will never believe that >> their system is too complicated, and I don't like using things that are impossible >> for me to understand or configure, and that doesn't seem likely to change anytime >> in the near future. >> >> I mean, even IPSEC RFC's are easier for me to understand, and that's saying >> a lot... >> > > > If anyone is going to work on this let me make a concrete suggestion. > Let's aim at not stacked lsm's but chained lsm's, and put the chaining > logic in the lsm core. > It's 35 years since my data structures course. What's the important difference between the two? > The core difficulty appears to be how do you multiplex the security pointers > on various objects out there. > That and making sure that the hooks that maintain state get called even if the decision to deny access has already been made by someone else. > My wishlist has this working so that I can logically have a local security > policy in a container, restricted by the global policy but with additional > restrictions. > > Eric > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ > > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists