lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sun, 17 Feb 2019 21:45:57 -0500
From:   Paul Moore <paul@...l-moore.com>
To:     Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
Cc:     SELinux <selinux@...r.kernel.org>, kernel-team@...ts.ubuntu.com,
        Casey Schaufler <casey@...aufler-ca.com>,
        Kees Cook <keescook@...omium.org>,
        James Morris <jmorris@...ei.org>,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] LSM: Ignore "security=" when "lsm=" is specified

On Sun, Feb 17, 2019 at 12:17 AM Tetsuo Handa
<penguin-kernel@...ove.sakura.ne.jp> wrote:
> On 2019/02/14 1:05, Casey Schaufler wrote:
> > On 2/12/2019 10:23 AM, Kees Cook wrote:
> >> To avoid potential confusion, explicitly ignore "security=" when "lsm=" is
> >> used on the command line, and report that it is happening.
> >>
> >> Suggested-by: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
> >> Signed-off-by: Kees Cook <keescook@...omium.org>
> >
> > Acked-by: Casey Schaufler <casey@...aufler-ca.com>
>
> The manual for TOMOYO was updated to follow this change.
> SELinux folks and AppArmor folks, can we apply this change?

My main concern is that "selinux={0|1}" continues to work as it has
for years.  It doesn't look like this affects that, but I can't say
I've dug into these changes very far.

-- 
paul moore
www.paul-moore.com

Powered by blists - more mailing lists