Message-ID: <20080308214757.GA22701@sergelap.austin.ibm.com>
Date:	Sat, 8 Mar 2008 15:47:57 -0600
From:	"Serge E. Hallyn" <serue@...ibm.com>
To:	Greg KH <greg@...ah.com>
Cc:	"Serge E. Hallyn" <serue@...ibm.com>,
	Pavel Emelyanov <xemul@...nvz.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, menage@...gle.com, sukadev@...ibm.com
Subject: Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup

Quoting Greg KH (greg@...ah.com):
> On Fri, Mar 07, 2008 at 12:50:52PM -0600, Serge E. Hallyn wrote:
> > Quoting Greg KH (greg@...ah.com):
> > > On Fri, Mar 07, 2008 at 11:35:42AM -0600, Serge E. Hallyn wrote:
> > > > > Do you really want to run other LSMs within a containerd kernel?  Is
> > > > > that a requirement?  It would seem to run counter to the main goal of
> > > > > containers to me.
> > > > 
> > > > Until user namespaces are complete, selinux seems the only good solution
> > > > to offer isolation.
> > > 
> > > Great, use that instead :)
> > 
> > That can't work as is since you can't specify major:minor in policy.
> 
> Your LSM can not, or the LSM interface does not allow this to happen?

No, my LSM in fact does; you just can't do it with selinux policy at the
moment.  I was still responding to your "just use selinux" :)

> > So all we could do again is simply refuse all mknod, which we can
> > already do with per-process capability bounding sets.
> 
> I thought we passed that info down to the LSM module, can't you do your
> selection at that point in time?
> 
> And then, just mediate open() like always, right?

Yup, the patch I included inline does that.

An LSM can address the problem.  It just felt like more of a
patch-over-the-real-problem kind of solution.

thanks,
-serge