Open Source and information security mailing list archives
 
Message-ID: <1291917921.12683.4.camel@localhost.localdomain>
Date:	Thu, 09 Dec 2010 13:05:21 -0500
From:	Eric Paris <eparis@...hat.com>
To:	John Stoffel <john@...ffel.org>
Cc:	xfs-masters@....sgi.com, linux-btrfs@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-ext4@...r.kernel.org,
	cluster-devel@...hat.com, linux-mtd@...ts.infradead.org,
	jfs-discussion@...ts.sourceforge.net, ocfs2-devel@....oracle.com,
	reiserfs-devel@...r.kernel.org, xfs@....sgi.com,
	linux-mm@...ck.org, linux-security-module@...r.kernel.org,
	chris.mason@...cle.com, jack@...e.cz, akpm@...ux-foundation.org,
	adilger.kernel@...ger.ca, tytso@....edu, swhiteho@...hat.com,
	dwmw2@...radead.org, shaggy@...ux.vnet.ibm.com, mfasheh@...e.com,
	joel.becker@...cle.com, aelder@....com, hughd@...gle.com,
	jmorris@...ei.org, sds@...ho.nsa.gov, eparis@...isplace.org,
	hch@....de, dchinner@...hat.com, viro@...iv.linux.org.uk,
	shemminger@...tta.com, jeffm@...e.com, paul.moore@...com,
	penguin-kernel@...ove.SAKURA.ne.jp, casey@...aufler-ca.com,
	kees.cook@...onical.com, dhowells@...hat.com
Subject: Re: [PATCH] fs/vfs/security: pass last path component to LSM on
 inode creation

On Thu, 2010-12-09 at 12:48 -0500, John Stoffel wrote:
> >>>>> "Eric" == Eric Paris <eparis@...hat.com> writes:
> 
> Eric> On Thu, 2010-12-09 at 10:05 -0500, John Stoffel wrote:
> >> >>>>> "Eric" == Eric Paris <eparis@...hat.com> writes:
> 
> Eric> This patch adds a 4th piece of information, the name of the
> Eric> object being created.  An obvious situation where this will be
> Eric> useful is devtmpfs (although you'll find other examples in the
> Eric> above thread).  devtmpfs when it creates char/block devices is
> Eric> unable to distinguish between kmem and console and so they are
> Eric> created with a generic label.  hotplug/udev is then called which
> Eric> does some pathname like matching and relabels them to something
> Eric> more specific.  We've found that many people are able to race
> Eric> against this particular updating and get spurious denials in
> Eric> /dev.  With this patch devtmpfs will be able to get the labels
> Eric> correct to begin with.
> 
> So your Label based access controls are *also* based on pathnames?
> Right?

Access decisions are still based solely on the label.  This patch can
influence how new objects get their label, which makes the access
decisions indirectly path based.  You'll find a reasonable summary and
commentary on lwn in this week's security section.
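As an added illustration (not code from the patch, the thread, or SELinux), here is a small Python model of the labelling step under discussion: the type names follow the SELinux reference policy, while the transition table, the getty_t domain and the single allow rule are assumptions made for the demo.

```python
"""Constructed model of the labelling change discussed in the thread.

Not kernel or SELinux code.  Type names (device_t, memory_device_t,
console_device_t) follow the SELinux reference policy; the transition
table, the getty_t domain and the allow rule are assumptions for the demo.
"""
from typing import List, Optional, Tuple

# (subject, parent type, class, last path component or None) -> new type.
# A rule carrying a name can only fire if the LSM is told the name at
# inode creation, which is what the patch supplies.
TRANSITIONS = {
    ("devtmpfs_t", "device_t", "chr_file", None): "device_t",
    ("devtmpfs_t", "device_t", "chr_file", "kmem"): "memory_device_t",
    ("devtmpfs_t", "device_t", "chr_file", "console"): "console_device_t",
}

# Allow rules: (subject, object type, class, permission).  Assumed.
ALLOW = {("getty_t", "console_device_t", "chr_file", "read")}


def label_for_new_inode(subject: str, parent_type: str, cls: str,
                        name: Optional[str] = None) -> str:
    """Label a new object: the name-specific rule wins when the name is
    known, then the generic rule, otherwise the object inherits the parent."""
    if name is not None:
        hit = TRANSITIONS.get((subject, parent_type, cls, name))
        if hit is not None:
            return hit
    return TRANSITIONS.get((subject, parent_type, cls, None), parent_type)


def access_allowed(subject: str, obj_type: str, cls: str, perm: str) -> bool:
    """The access decision itself sees only labels, never a pathname."""
    return (subject, obj_type, cls, perm) in ALLOW


def replay(pass_name: bool) -> Tuple[str, List[bool]]:
    """devtmpfs creates /dev/console, getty reads it before udev has run,
    udev relabels, getty reads again.  Returns (initial label, verdicts)."""
    initial = label_for_new_inode("devtmpfs_t", "device_t", "chr_file",
                                  "console" if pass_name else None)
    verdicts = [access_allowed("getty_t", initial, "chr_file", "read")]
    relabelled = "console_device_t"      # udev's pathname-based relabel lands
    verdicts.append(access_allowed("getty_t", relabelled, "chr_file", "read"))
    return initial, verdicts
```

Without the name, replay(False) shows the first read denied against the generic device_t label and the second allowed after udev's relabel, which is the spurious-denial window; with the name passed, replay(True) is allowed both times.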
