lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <OF74C1FF25.986585E9-ON802573A1.006239BF-802573A1.0064DE96@sophos.com>
Date:	Wed, 28 Nov 2007 18:22:00 +0000
From:	tvrtko.ursulin@...hos.com
To:	Stephen Hemminger <shemminger@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Out of tree module using LSM

linux-kernel-owner@...r.kernel.org wrote on 28/11/2007 17:39:56:

> On Wed, 28 Nov 2007 16:46:13 +0000
> Christoph Hellwig <hch@...radead.org> wrote:
> 
> > On Wed, Nov 28, 2007 at 08:38:43AM -0800, Casey Schaufler wrote:
> > > Would you like to expound on that, or do you feel your claws
> > > are sharp enough already?
> > 
> > Just take a look at code.
> > 
> 
> The module in question hooks to the syscall table which is not
> acceptable.  Including dumpster diving through symbol table to
> find the syscall table since it is no longer exported.

That is not completely true.

As I said in the second part of my original email (that part Christoph 
deleted so please read it whole) I would prefer not to discuss all the 
ugly things some parts of our code do because they are irrelevant to the 
LSM discussion. But I still feel some extra explanation might be needed.

Talpa is modular itself being composed of a set of kernel modules of which 
not all are loaded simultaneously. Where possible LSM can be used and _no_ 
messing with syscall table will take place. Unfortunately where another 
LSM user is present that won't work and another solution had to be found. 
Also that drags history from 2.4 where that was the only solution.

So as there is no question the current code does some ugly things it is 
even more true that we would be even more happy to use an official API. 
LSM was that and we were happily using it which we won't be able to do if 
it abruptly goes away. Yes it is not a perfect match but until it is 
modified to be better, or until something appropriate is designed and 
implemented, it would be very nice if it could stay.

-- 
Tvrtko August Ursulin
Senior Software Engineer, Sophos

Tel: 01235 559933
Web: www.sophos.com
Protecting business against viruses, spyware, spam and policy abuse


Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon,
OX14 3YP, United Kingdom.

Company Reg No 2096520. VAT Reg No GB 348 3873 20.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ