[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070325163113.GB6753@vino.hallyn.com>
Date: Sun, 25 Mar 2007 11:31:13 -0500
From: "Serge E. Hallyn" <serge@...lyn.com>
To: Pavel Machek <pavel@....cz>
Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>,
linux-kernel@...r.kernel.org, safford@...son.ibm.com,
serue@...ux.vnet.ibm.com, kjhall@...ux.vnet.ibm.com,
zohar@...ibm.com, akpm@...l.org
Subject: Re: [Patch 7/7] IBAC Patch
Quoting Pavel Machek (pavel@....cz):
> Hi!
>
> > This is a new Integrity Based Access Control(IBAC) LSM module which
> > bases access control decisions on the new integrity framework services.
> > IBAC is a sample LSM module to help clarify the interaction between
> > LSM and Linux Integrity Modules(LIM).
> >
> > - Updated Kconfig SECURITY_IBAC description
> > and SECURITY_IBAC_BOOTPARAM default value
> > - Prefixed all log messages with "ibac:"
> > - Redefined a couple of 'int' variables as 'static int'
> >
> > signed-off-by: Mimi Zohar <zohar@...ibm.com>
> > ---
> > Index: linux-2.6.21-rc4-mm1/security/ibac/Kconfig
> > ===================================================================
> > --- /dev/null
> > +++ linux-2.6.21-rc4-mm1/security/ibac/Kconfig
> > @@ -0,0 +1,41 @@
> > +config SECURITY_IBAC
> > + boolean "IBAC support"
> > + depends on SECURITY && SECURITY_NETWORK && INTEGRITY
> > + help
> > + Integrity Based Access Control(IBAC) uses the Linux
> > + Integrity Module(LIM) API calls to verify an executable's
> > + metadata and data's integrity. Based on the results,
> > + execution permission is permitted/denied. Integrity
> > + providers may implement the LIM hooks differently. For
> > + more information on integrity verification refer to the
> > + specific integrity provider documentation.
>
> ...sounds like pseudosecurity piece of **** whose only purpose is to
> prevent computer's owner to hack his own system?
>
> Why do we want it?
I assume, as it says not too far above, we want it as
"a sample LSM module to help clarify the interaction between LSM
and Linux Integrity Modules(LIM)"
Since the LIM stuff is infrastructure code, a simple user is nice of her
to provide, like the root_plug LSM.
Perhaps the comments should warn that using this for real by itself
would be trivial to work around?
-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists