Message-Id: <1218770757.16613.36.camel@localhost.localdomain>
Date:	Thu, 14 Aug 2008 23:25:57 -0400
From:	Eric Paris <eparis@...hat.com>
To:	Alan Cox <alan@...rguk.ukuu.org.uk>
Cc:	Rik van Riel <riel@...hat.com>,
	"Press, Jonathan" <Jonathan.Press@...com>, peterz@...radead.org,
	linux-kernel@...r.kernel.org, malware-list@...ts.printk.net,
	hch@...radead.org, andi@...stfloor.org, viro@...IV.linux.org.uk,
	arjan@...radead.org
Subject: Re: [malware-list] TALPA - a threat model?  well sorta.

On Wed, 2008-08-13 at 22:23 +0100, Alan Cox wrote:
> On Wed, 13 Aug 2008 17:35:29 -0400
> Rik van Riel <riel@...hat.com> wrote:
> 
> > On Wed, 13 Aug 2008 17:24:28 -0400
> > "Press, Jonathan" <Jonathan.Press@...com> wrote:
> > 
> > > I may be missing something about your suggestion, but I don't see how
> > > this would work.  Who does the chmod?
> > 
> > Chmod is also not a solution to the hierarchical storage (or incremental
> > restore from backup) problem.
> > 
> > I believe we really do need the block-on-open.
> 
> The block on open is orthogonal really. Useful for HSM, useful for
> certain very primitive scanning but not much else that I can see.
> 
> And it's a minor mod to the security hooks to allow it as far as I can see

So here's where I run into trouble.  Let's assume I want to be helpful
and engineer in a vacuum for this unknown HSM user as well.  Clearly
file scanners need the file to be there which means the inode ("on disk"
kind) needs to be there and stuff like that.  I assume that the HSM user
is going to need to hook long before these things even exist.  Where
would they need to hook?

Should I just design for my own needs and include stacking and a
priority number and hopefully the HSM people can use it later?  I don't
know the details of what might someday be needed for a project I know
nothing about *smile*

-Eric
