lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <2375c9f91001220202m724e2ee2p2213b81a043ebd33@mail.gmail.com>
Date:	Fri, 22 Jan 2010 18:02:47 +0800
From:	Américo Wang <xiyou.wangcong@...il.com>
To:	zhou peng <ailvpeng25@...il.com>
Cc:	Christoph Hellwig <hch@...radead.org>,
	Casey Schaufler <casey@...aufler-ca.com>, sds@...ho.nsa.gov,
	jra@...ba.org, linux-security-module@...r.kernel.org,
	linux-next@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
	linux-fsdevel@...r.kernel.org
Subject: Re: About ACL for IPC Object

(Top-posting fixed.)

On Fri, Jan 22, 2010 at 5:15 PM, zhou peng <ailvpeng25@...il.com> wrote:
>
> 2010/1/21 Christoph Hellwig <hch@...radead.org>:
>> On Wed, Jan 20, 2010 at 07:02:27PM -0800, Casey Schaufler wrote:
>>> zhou peng wrote:
>>> > Hi all,
>>> >
>>> > There are ACL in file system, but why there are no ACL implementation
>>> > in IPC object, eg. shm, message queue, FIFO?
>>> >
>>>
>>> Most people haven't noticed that IPC objects are even there, much less
>>> that they have mode bits and not ACLs. Even when we were doing security
>>> evaluations on Unix boxes in the 1990's they were considered insufficiently
>>> interesting to justify the additional work to do ACLs.
>>>
>>> If you really want ACLs on IPC objects it would make a dandy little
>>> project for a summer. I would be happy to review patches.
>
> Thanks. It's interesting to add ACL over IPC objects. I want to have a try.
>
>>
>> Or use the posix IPC mechanisms.  The Posix shared memory has ACL by
>> using tmpfs as the backing store, and we could add similar support to
>> Posix messages queues as they are also backed by a normal filesystem.
>
> Christoph Hellwig, This way may be convinent. Could you give some
> detailed message. :)
> I only find /proc/ipc/shm file which contain the info of shm objs,and
> tmpfs on /dev/shm which is empty.
>
>>
>> Adding this support to the old SYSV IPC mechanisms would be much harder
>> as they do not fit into the file backed model we use everywhere else at
>> all.
>
> Just like file objects, the mode bits are implment over IPC objects
> without file backed, so I think adding ACL support to IPC objects may
> be somewhat reasonable :)
>
> Thank you all for so many solutions.
>
> I want to control some IPC object (shm, msg queue, semphore) can be
> accessed by which named user or named group just like file objects ACL
> do.
>
> I studied the solution you all referred, The SELinux is powerful but
> may be somewhat complicated. And I am confused with Christoph
> Hellwig‘s solution using tmpfs.

Well, only posix semphores and posix share memory use tmpfs, I think,
posix msg queues use "mqueue" instead.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ