[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0710301713260.8703@asgard.lang.hm>
Date: Tue, 30 Oct 2007 17:16:18 -0700 (PDT)
From: david@...g.hm
To: Peter Dolding <oiaohm@...il.com>
cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: Linux Security *Module* Framework (Was: LSM conversion to static
interface)
On Wed, 31 Oct 2007, Peter Dolding wrote:
> MultiAdmin loaded before Selinux breaks Selinux since Multi Admin rules are
> applied over using Selinux rules. This is just the way it is stacking LSM's
> is Just not healthy you always risk on LSM breaking another. Part of the
> reason why I have suggested a complete redesign of LSM. To get away from
> this problem of stacking.
since the method of stacking hasn't been determined yet, you can't say
this.
it would be possible for MultiAdmin to grant additional access, that
SELinux then denies for it's own reasons.
if the SELinux policy is written so that it ignores capabilities, and
instead just looks at uid0 then that policy is broken in a stacked
environment, but it's the polciy that's broken, not the stacking.
yes, there will be interactions that don't make sense, but just becouse
something can be used wrong doesn't mean that there aren't other cases
where it can be used properly.
David Lang
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists