| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <48F400DD.50905@sparta.com> Date: Mon, 13 Oct 2008 22:15:57 -0400 From: "Matthew N. Dodd" <Matthew.Dodd@...rta.com> To: James Morris <jmorris@...ei.org> CC: "David P. Quigley" <dpquigl@...ho.nsa.gov>, labeled-nfs@...ux-nfs.org, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-security-module@...r.kernel.org, viro@...iv.linux.org.uk, selinux@...ho.nsa.gov Subject: Re: [Labeled-nfs] [RFC v3] Security Label Support for NFSv4 James Morris wrote: > On Mon, 29 Sep 2008, David P. Quigley wrote: > >> * New security flavor (auth_seclabel) to transport process label to >> server. This is a derivative of auth_unix so it does not support >> kerberos which has its own issues that need to be dealt with. > > This is a problem, as discussed last year: > > http://linux-nfs.org/pipermail/labeled-nfs/2007-November/000110.html > > We can't require the use of a new auth flavor which is incompatible with > auth_gss. auth_seclabel demonstrates the flavor independent changes required for any RPC layer process label transport. A GSS solution is currently under discussion. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists