| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LRH.2.21.1809280846280.8410@namei.org>
Date: Fri, 28 Sep 2018 08:47:13 +1000 (AEST)
From: James Morris <jmorris@...ei.org>
To: Casey Schaufler <casey@...aufler-ca.com>
cc: Casey Schaufler <casey.schaufler@...el.com>,
kristen@...ux.intel.com, kernel-hardening@...ts.openwall.com,
deneen.t.dock@...el.com, linux-kernel@...r.kernel.org,
dave.hansen@...el.com, linux-security-module@...r.kernel.org,
selinux@...ho.nsa.gov, arjan@...ux.intel.com
Subject: Re: [PATCH v5 5/5] sidechannel: Linux Security Module for
sidechannel
On Thu, 27 Sep 2018, Casey Schaufler wrote:
> On 9/27/2018 2:45 PM, James Morris wrote:
> > On Wed, 26 Sep 2018, Casey Schaufler wrote:
> >
> >> + /*
> >> + * Namespace checks. Considered safe if:
> >> + * cgroup namespace is the same
> >> + * User namespace is the same
> >> + * PID namespace is the same
> >> + */
> >> + if (current->nsproxy)
> >> + ccgn = current->nsproxy->cgroup_ns;
> >> + if (p->nsproxy)
> >> + pcgn = p->nsproxy->cgroup_ns;
> >> + if (ccgn != pcgn)
> >> + return -EACCES;
> >> + if (current->cred->user_ns != p->cred->user_ns)
> >> + return -EACCES;
> >> + if (task_active_pid_ns(current) != task_active_pid_ns(p))
> >> + return -EACCES;
> >> + return 0;
> > I really don't like the idea of hard-coding namespace security semantics
> > in an LSM. Also, I'm not sure if these semantics make any sense.
>
> Checks on namespaces where explicitly requested.
By whom and what is the rationale?
--
James Morris
<jmorris@...ei.org>
Powered by blists - more mailing lists