[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhRdU1CZJpPSEdSmui-Xirr0j261K=+SM7KiDwiPG-JSrQ@mail.gmail.com>
Date: Tue, 17 Oct 2023 11:45:40 -0400
From: Paul Moore <paul@...l-moore.com>
To: Mimi Zohar <zohar@...ux.ibm.com>
Cc: Mickaël Salaün <mic@...ikod.net>,
Eric Snowberg <eric.snowberg@...cle.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
David Howells <dhowells@...hat.com>,
David Woodhouse <dwmw2@...radead.org>,
Kanth Ghatraju <kanth.ghatraju@...cle.com>,
Konrad Wilk <konrad.wilk@...cle.com>,
"linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
"keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
open list <linux-kernel@...r.kernel.org>,
linux-security-module@...r.kernel.org
Subject: Re: RFC: New LSM to control usage of x509 certificates
On Tue, Oct 17, 2023 at 9:48 AM Mimi Zohar <zohar@...ux.ibm.com> wrote:
> On Thu, 2023-10-05 at 12:32 +0200, Mickaël Salaün wrote:
> > > > > A complementary approach would be to create an
> > > > > LSM (or a dedicated interface) to tie certificate properties to a set of
> > > > > kernel usages, while still letting users configure these constraints.
> > > >
> > > > That is an interesting idea. Would the other security maintainers be in
> > > > support of such an approach? Would a LSM be the correct interface?
> > > > Some of the recent work I have done with introducing key usage and CA
> > > > enforcement is difficult for a distro to pick up, since these changes can be
> > > > viewed as a regression. Each end-user has different signing procedures
> > > > and policies, so making something work for everyone is difficult. Letting the
> > > > user configure these constraints would solve this problem.
>
> Something definitely needs to be done about controlling the usage of
> x509 certificates. My concern is the level of granularity. Would this
> be at the LSM hook level or even finer granaularity?
You lost me, what do you mean by finer granularity than a LSM-based
access control? Can you give an existing example in the Linux kernel
of access control granularity that is finer grained than what is
provided by the LSMs?
--
paul-moore.com
Powered by blists - more mailing lists