lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20070626165202.bfe8e6df.akpm@linux-foundation.org>
Date:	Tue, 26 Jun 2007 16:52:02 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	jjohansen@...e.de
Cc:	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	linux-fsdevel@...r.kernel.org
Subject: Re: [AppArmor 00/44] AppArmor security module overview

On Tue, 26 Jun 2007 16:07:56 -0700
jjohansen@...e.de wrote:

> This post contains patches to include the AppArmor application security
> framework, with request for inclusion into -mm for wider testing.

Patches 24 and 31 didn't come through.

Rolled-up diffstat (excluding 24&31):

 fs/attr.c                            |    7 
 fs/dcache.c                          |  181 ++-
 fs/ecryptfs/inode.c                  |   41 
 fs/exec.c                            |    3 
 fs/fat/file.c                        |    2 
 fs/hpfs/namei.c                      |    2 
 fs/namei.c                           |  115 +-
 fs/nfsd/nfs4recover.c                |    7 
 fs/nfsd/nfs4xdr.c                    |    2 
 fs/nfsd/vfs.c                        |   89 +
 fs/ntfs/file.c                       |    2 
 fs/open.c                            |   50 
 fs/reiserfs/file.c                   |    2 
 fs/reiserfs/xattr.c                  |    8 
 fs/splice.c                          |    4 
 fs/stat.c                            |    2 
 fs/sysfs/file.c                      |    2 
 fs/utimes.c                          |   11 
 fs/xattr.c                           |   75 -
 fs/xfs/linux-2.6/xfs_lrw.c           |    2 
 include/linux/audit.h                |   12 
 include/linux/fs.h                   |   27 
 include/linux/nfsd/nfsd.h            |    3 
 include/linux/security.h             |  182 ++-
 include/linux/sysctl.h               |    2 
 include/linux/xattr.h                |   11 
 ipc/mqueue.c                         |    2 
 kernel/audit.c                       |    6 
 kernel/sysctl.c                      |   27 
 mm/filemap.c                         |   12 
 mm/filemap_xip.c                     |    2 
 mm/shmem.c                           |    2 
 mm/tiny-shmem.c                      |    2 
 net/unix/af_unix.c                   |    2 
 security/Kconfig                     |    1 
 security/Makefile                    |    1 
 security/apparmor/Kconfig            |   10 
 security/apparmor/Makefile           |   13 
 security/apparmor/apparmor.h         |  265 +++++
 security/apparmor/apparmorfs.c       |  252 +++++
 security/apparmor/inline.h           |  211 ++++
 security/apparmor/list.c             |   94 +
 security/apparmor/locking.txt        |   68 +
 security/apparmor/lsm.c              |  817 ++++++++++++++++
 security/apparmor/main.c             | 1255 +++++++++++++++++++++++++
 security/apparmor/match.c            |  248 ++++
 security/apparmor/match.h            |   83 +
 security/apparmor/module_interface.c |  589 +++++++++++
 security/apparmor/procattr.c         |  155 +++
 security/commoncap.c                 |    7 
 security/dummy.c                     |   43 
 security/selinux/hooks.c             |   94 -
 52 files changed, 4701 insertions(+), 404 deletions(-)

which seems OK.


so...  where do we stand with this?  Fundamental, irreconcilable
differences over the use of pathname-based security?

Are there any other sticking points?


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ