lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ba89a02a-5550-689f-6609-1e8c025f5b91@infradead.org>
Date:   Wed, 20 Mar 2019 17:39:20 -0700
From:   Randy Dunlap <rdunlap@...radead.org>
To:     Kees Cook <keescook@...omium.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: what happened to SECURITY_DAC?

wow.  Commit 70b62c25665f636c9f6c700b26af7df296b0887e
from last Sept. 14, 2018, total commit description says:

    LoadPin: Initialize as ordered LSM
    
    This converts LoadPin from being a direct "minor" LSM into an ordered LSM.

Nowhere does it say anything like "this also deletes any notions of
DEFAULT_SECURITY and DAC."

Was this deletion a (sekrit) security issue that was not being highlighted on purpose?


and what do you recommend for simple DAC-like security?

thanks.  :(

-- 
~Randy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ