lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <200711281242.52941.tvrtko.ursulin@sophos.com>
Date:	Wed, 28 Nov 2007 12:42:52 +0000
From:	"Tvrtko A. Ursulin" <tvrtko.ursulin@...hos.com>
To:	linux-kernel@...r.kernel.org
Subject: Out of tree module using LSM


Hi Linus, all,

During one recent LKML discussion 
(http://marc.info/?l=linux-kernel&m=119267398722085&w=2) about LSM going 
static  you called for LSM users to speak up.

We here at Sophos (the fourth largest endpoint security vendor in the world) 
have such a module called Talpa which is a part of our main endpoint security 
product for Linux  that protects from viruses and malware hosted on Linux, 
including those targetting Windows or other connected devices,  
(http://www.sophos.com/products/enterprise/endpoint/security-and-control/linux/index.html) 
which is GPL code and has been in the field for almost three years now. It's 
source code has been shipping with the product from the start.  We also have 
a SourceForge project at http://sourceforge.net/projects/talpa/ to host it.

In essence, what our module does is it intercepts file accesses and allows 
userspace daemons to vet them. One of the means we implemented that is 
through LSM and although it is not a perfect match for such use we prefer to 
use an official interface. Unfortunately, with time it became impossible to 
use LSM on some distributions (SELinux) so we had to implement other 
intercept methods which are significantly less nice, and which may also 
become unworkable over time.

The main point here is that making LSM not available for modules makes our 
life even more difficult and we would like to ask you to revert that change 
until another acceptable, secure solution is found.

At this point I would not like this to turn into a discussion on technical or 
code merits of our current approach. It is just that usage scenarios of 
(dis-)allowing access to files based on their content, regardless of the 
actual details, do sound like a reasonable idea. What we would like to do is 
to start discussion about possible solutions in which other interested 
parties will hopefully join and in future create some progress on this front.

-- 
Tvrtko August Ursulin
Senior Software Engineer, Sophos

Tel: 01235 559933
Web: www.sophos.com
Protecting business against viruses, spyware, spam and policy abuse

Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon,
OX14 3YP, United Kingdom.

Company Reg No 2096520. VAT Reg No GB 348 3873 20.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ