lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 3 Mar 2015 21:08:52 -0800 (PST)
From:	David Lang <david@...g.hm>
To:	Luke Leighton <lkcl@...l.net>
cc:	linux-kernel@...r.kernel.org
Subject: Re: cgroup: status-quo and userland efforts

On Tue, 3 Mar 2015, Luke Leighton wrote:

>> I wrote about that many times, but here are two of the problems.
>>
>> * There's no way to designate a cgroup to a resource, because cgroup
>>   is only defined by the combination of who's looking at it for which
>>   controller.  That's how you end up with tagging the same resource
>>   multiple times for different controllers and even then it's broken
>>   as when you move resources from one cgroup to another, you can't
>>   tell what to do with other tags.
>>
>>   While allowing obscene level of flexibility, multiple hierarchies
>>   destroy a very fundamental concept that it *should* provide - that
>>   of a resource container.  It can't because a "cgroup" is undefined
>>   under multiple hierarchies.
>
> ok, there is an alternative to hierarchies, which has precedent
> (and, importantly, a set of userspace management tools as well as
>  existing code in the linux kernel), and it's the FLASK model which
>  you know as SE/Linux.
>
> whilst the majority of people view management to be "hierarchical"
> (so there is a top dog or God process and everything trickles down
>  from that), this is viewed as such an anathema in the security
> industry that someone came up with a formal specification for the
> real-world way in which permissions are managed, and it's called the
> FLASK model.

On this topic it's also worth reading Neil Brown's series of articles on this 
over at http://lwn.net/Articles/604609/ and why he concludes that having a 
single hierarchy for all resource types.

David Lang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ