lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <48DBBBF1.3050407@collax.com>
Date:	Thu, 25 Sep 2008 18:27:29 +0200
From:	Tilman Baumann <tilman.baumann@...lax.com>
To:	Linux-Kernel <linux-kernel@...r.kernel.org>
Subject: SMACK startproc patch

Sorry if i pollute the wrong list with my stuff. But SMACK does not seem 
to have it's own list and now lives in the kernel. Though this is 
userspace related...

The smack howto mentions a not yet implemented smack option for 
start-stop-daemon.
We mainly use startproc. So i made a patch which adds this functionality 
to startproc.

It adds the option [-S LABEL] to startproc, which brings the called 
process up with /proc/self/attr/current = LABEL.
I figured setting the security context should happen after things like 
pidfiles where written. But this is certainly up for discussion.

This patch applies to killproc version 2.08.

Please enjoy and comment.

Regards
  Tilman Baumann

-- 
Tilman Baumann
Software Developer
Collax GmbH . Boetzinger Strasse 60 . 79111 Freiburg . Germany

p: +49 (0) 89-990157-0
f: +49 (0) 89-990157-11

Geschaeftsfuehrer: William K. Hite / Boris Nalbach
AG Muenchen HRB 158898, Ust.-IdNr: DE 814464942

View attachment "killproc-smack.diff" of type "text/x-patch" (3269 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ