lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 17 Sep 2008 10:46:07 -0700 (PDT)
From:	david@...g.hm
To:	Casey Schaufler <casey@...aufler-ca.com>
cc:	Kentaro Takeda <takedakn@...data.co.jp>,
	linux-security-module@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	Toshiharu Harada <haradats@...data.co.jp>
Subject: Re: [PATCH] Introduce new LSM hooks where vfsmount is available.

On Tue, 16 Sep 2008, Casey Schaufler wrote:

> Kentaro Takeda wrote:
>> TOMOYO Linux needs method for calculating pathname in LSM module.
>> However, we have received comment from Al Viro, the vfs maintainer,
>> that adding vfsmount parameter to vfs helper functions (and LSM hooks)
>> is not preferable. We have asked some people (including Al), and we
>> came back to the most straightforward approach; adding new LSM hooks
>> where vfsmount is available.
>> 
>> The attached patch introduces several new LSM hooks TOMOYO Linux
>> needs. It has less impact to existing LSM module and no impact to vfs
>> helper functions. Please review it.
>> 
>> Regards,
>>
>> 
> As always, the community will be eager to see the code that makes
> use of these hooks.

you can bet that if these hooks are accepted, AppArmor and the various 
other LSMs that have not been accepted becouse of the problems they have 
dealing with paths will switch to using the 'approved' hooks.

so there are several bodies of code that have already been published that 
would want to use hooks like these if they are available.

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ