Message-ID: <20070626131519.GH1094@stusta.de>
Date:	Tue, 26 Jun 2007 15:15:19 +0200
From:	Adrian Bunk <bunk@...sta.de>
To:	"Serge E. Hallyn" <serge@...lyn.com>
Cc:	James Morris <jmorris@...ei.org>,
	Andreas Gruenbacher <agruen@...e.de>,
	Chris Wright <chrisw@...s-sol.org>,
	linux-security-module@...r.kernel.org,
	"Serge E. Hallyn" <serue@...ibm.com>,
	Andrew Morgan <agm@...gle.com>,
	Andrew Morton <akpm@...gle.com>,
	Stephen Smalley <sds@...ho.nsa.gov>,
	lkml <linux-kernel@...r.kernel.org>,
	Arjan van de Ven <arjan@...radead.org>,
	Greg KH <greg@...ah.com>, Eric Paris <eparis@...hat.com>
Subject: Re: [PATCH try #2] security: Convert LSM into a static interface

On Mon, Jun 25, 2007 at 10:57:31PM -0500, Serge E. Hallyn wrote:
> Quoting James Morris (jmorris@...ei.org):
> > On Mon, 25 Jun 2007, Andreas Gruenbacher wrote:
> > 
> > > It's useful for some LSMs to be modular, and LSMs which are y/n options won't 
> > > have any security architecture issues with unloading at all. 
> > 
> > Which LSMs?  Upstream, there are SELinux and capability, and they're not 
> > safe as loadable modules.
> > 
> > > The mere fact 
> > > that SELinux cannot be built as a module is a rather weak argument for 
> > > disabling LSM modules as a whole, so please don't.
> > 
> > That's not the argument.  Please review the thread.
> 
> The argument is 'abuse', right?
> 
> Abuse is defined as using the LSM hooks for non-security applications,
> right?
> 
> It seems to me that the community is doing a good job of discouraging
> such abuse - by redirecting the "wrong-doers" to implement proper
> upstream solutions, i.e. taskstats, the audit subsystem, etc.
> 
> Such encouragement seems a far better response than taking away freedoms
> and flexibility from everyone.

We are not living in a world where everyone had good intentions...

For _some_ "wrong-doers" your approach works.

But how do you convince the "wrong-doers" who do things like putting 
MODULE_LICENSE("GPL") into their binary-only modules and who ignore you 
and get away because no one sues them?

The spirit of the GPLv2 is to defend the freedom of the software 
(different from the spirit of the BSD licence), and considering that 
there aren't many people defending the GPLv2 copyright of the Linux 
kernel at court against abusers, making it harder for people to do the 
abuse might not be the worst choice...

> -serge

cu
Adrian

-- 

       "Is there not promise of rain?" Ling Tan asked suddenly out
        of the darkness. There had been need of rain for many days.
       "Only a promise," Lao Er said.
                                       Pearl S. Buck - Dragon Seed
