| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Oct 2006 18:34:10 +0100 From: David Howells <dhowells@...hat.com> To: Stephen Smalley <sds@...ho.nsa.gov> Cc: David Howells <dhowells@...hat.com>, aviro@...hat.com, linux-kernel@...r.kernel.org, selinux@...ho.nsa.gov, chrisw@...s-sol.org, jmorris@...ei.org Subject: Re: Security issues with local filesystem caching Stephen Smalley <sds@...ho.nsa.gov> wrote: > > You start the cache by mounting it: > > > > mount -t cachefs /dev/hdx9 /cachefs > > > > Then it's online. However, you might want to check that whoever's calling > > mount has permission to bring a cache online... > > Hmmm...that raises a separate issue - how does SELinux label cachefs > inodes? Does cachefs support xattrs? Other option is to use a mount > context (mount -o context=...) to apply a single context to all inodes > within it. There are only two inodes publically available through cachefs - the root dir and a file of statistics - and they're both read only. Everything else, for the moment, is strictly internal and unavailable to userspace. In fact, there may not be any other inodes. > Where exactly is the cachefs code available? It'll need a little bit of work to make it compilable again; but I can probably get you a copy on Monday. I've been concentrating on CacheFiles. > I'm also unclear on where you establish the binding between the files > being cached and the cache. What specifies that e.g. a given NFS mount > should be backed to a given cache? We need to be able to control that > relationship too, to establish that the cache is being protected > adequately for the source data. Yes. I haven't worked that one out yet. Currently it's not a problem as only CacheFiles is available at the moment, and that currently only supports one cache. But I have an idea that I need to work on to make it possible to associate directories and files with caches (or other useful parameters). > > (1) Permission to bring a cache online or to take a cache offline. > > At present, this will show up as the usual checking on mount (security > hooks in do_mount and vfs_kern_mount) and on umount (security hook in > do_umount) by SELinux. I'm not sure whether you need anything specific > to the cache. That doesn't apply to CacheFiles, but okay; we can always add it later if we decide we want it. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists