| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bd03ab75-7df5-7de8-4d31-9f3e02bcb10e@tycho.nsa.gov>
Date: Mon, 3 Feb 2020 09:48:12 -0500
From: Stephen Smalley <sds@...ho.nsa.gov>
To: Richard Haines <richard_c_haines@...nternet.com>,
David Howells <dhowells@...hat.com>, paul@...l-moore.com
Cc: keyrings@...r.kernel.org, selinux@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: SELinux: How to split permissions for keys?
On 2/3/20 9:03 AM, Richard Haines wrote:
> On Mon, 2020-02-03 at 08:13 -0500, Stephen Smalley wrote:
>> Was that kernel patch ever posted to selinux list and/or the selinux
>> kernel maintainers? I don't recall seeing it. If not, please send
>> it
>> to the selinux list for review; at least one selinux maintainer
>> should
>> ack it before it gets accepted into any other tree.
>>
>>
>
> Not formally. I did post it in a discussion about keys in [2]. Since
> then it's been modified to support the split permissions.
Yes, that doesn't count since a) it wasn't the final version of the
patch which changed significantly afterward and b) even it had been the
final version, there was no acked-by or reviewed-by from a selinux
maintainer, just some suggestions. A non-trivial patch that modifies
security/selinux needs to be at least acked by a selinux maintainer and
often should go through the upstream selinux maintainer (Paul).
> I've extracted the patch from [1] and will post that to list for
> comments.
Thanks.
> [2]
> https://lore.kernel.org/selinux/35455b30b5185780628e92c98ec8191c70f39bde.camel@btinternet.com/
Powered by blists - more mailing lists