lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CACLa4pum7kXK+7+8ceVSuQsKDCFebdgGVYRTMKH9GQarqCEgMQ@mail.gmail.com>
Date:	Thu, 28 Feb 2013 17:20:58 -0500
From:	Eric Paris <eparis@...isplace.org>
To:	Vivek Goyal <vgoyal@...hat.com>
Cc:	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	linux kernel mailing list <linux-kernel@...r.kernel.org>,
	LSM List <linux-security-module@...r.kernel.org>
Subject: Re: IMA: How to manage user space signing policy with others

On Thu, Feb 28, 2013 at 4:35 PM, Vivek Goyal <vgoyal@...hat.com> wrote:
> On Thu, Feb 28, 2013 at 02:23:39PM -0500, Mimi Zohar wrote:

I think just a second for both of you to step back and see a slightly
larger picture/problem might help.

This is a weird case where Vivek does not trust root to make the
policy decision.  If the box is configured for secure boot, it needs
to make these decisions no matter what the admin wants.  This is why
he talks about trying to merge multiple competing policies.  The
current IMA policy is controlled by whomever can first write to the
ima policy file interface.  Vivek does not want an admin to be able to
overwrite the secureboot policy.  So I get why he thinks changes may
be needed to support this use case.

The ima_tcb policy was meant to be larger than needed to determine a
trusted computing base, but it is clearly not a superset of what he is
hoping to accomplish.

So how do we take a system where the admin/software has some control
over the integrity policy (as it is today?) and the kernel/system
itself also has control (as Vivek wants it)?

It seems unsolved with what we have today....

-Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ