lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4900BB0E.9000303@cs.columbia.edu>
Date:	Thu, 23 Oct 2008 13:57:34 -0400
From:	Shaya Potter <spotter@...columbia.edu>
To:	crispin@...spincowan.com
CC:	Kentaro Takeda <takedakn@...data.co.jp>,
	Stephen Smalley <sds@...ho.nsa.gov>,
	James Morris <jmorris@...ei.org>,
	Chris Wright <chrisw@...s-sol.org>,
	"Serge E. Hallyn" <serue@...ibm.com>,
	linux-security-module@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	Toshiharu Harada <haradats@...data.co.jp>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
	Al Viro <viro@...iv.linux.org.uk>,
	Christoph Hellwig <hch@....de>,
	Casey Schaufler <casey@...aufler-ca.com>
Subject: Re: [TOMOYO #11 (linux-next) 01/11] Introduce new LSM hooks where
 vfsmount is available.

Shaya Potter wrote:
> crispin@...spincowan.com wrote:
>> Quoting Shaya Potter <spotter@...columbia.edu>:
>>> I know I'm late to the game in this, but as I recently asked about this
>>> and didn't get an answer, I'll re-ask my approach.
>>>
>>> Why can't you do this
>>>
>>> in lookup()
>>>
>>> - resolve rules (not for single process, but for all processes) for
>>> said path and tag dentry (seem to already have a hook)
>>>
>>> in permission()
>>
>> Because it doesn't work 
>> http://kerneltrap.org/mailarchive/linux-fsdevel/2007/6/8/319446
>>
>> Quick summary: The difference between the pathname model and the label 
>> model is dynamism. The accessi really is determined by the pathname to 
>> the file that you used to access the file. If you try to compute 
>> access based on attributes tagged onto the file, then you have to 
>> re-compute those attributes every time someone renames a file.
> 
> ok.  simple question then so why not just recompute them every every 
> rename?  are rename's that common relative to all other file operations 
> where we care?

just want to followup as didn't get a response.  If the problem is 
rename(), what's the problem with dropping the label on rename() to 
force a reevaluation on the next pass through the lookup() code.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ