lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHC9VhRdU1CZJpPSEdSmui-Xirr0j261K=+SM7KiDwiPG-JSrQ@mail.gmail.com>
Date:   Tue, 17 Oct 2023 11:45:40 -0400
From:   Paul Moore <paul@...l-moore.com>
To:     Mimi Zohar <zohar@...ux.ibm.com>
Cc:     Mickaël Salaün <mic@...ikod.net>,
        Eric Snowberg <eric.snowberg@...cle.com>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Jarkko Sakkinen <jarkko@...nel.org>,
        David Howells <dhowells@...hat.com>,
        David Woodhouse <dwmw2@...radead.org>,
        Kanth Ghatraju <kanth.ghatraju@...cle.com>,
        Konrad Wilk <konrad.wilk@...cle.com>,
        "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
        "keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
        open list <linux-kernel@...r.kernel.org>,
        linux-security-module@...r.kernel.org
Subject: Re: RFC: New LSM to control usage of x509 certificates

On Tue, Oct 17, 2023 at 9:48 AM Mimi Zohar <zohar@...ux.ibm.com> wrote:
> On Thu, 2023-10-05 at 12:32 +0200, Mickaël Salaün wrote:
> > > > > A complementary approach would be to create an
> > > > > LSM (or a dedicated interface) to tie certificate properties to a set of
> > > > > kernel usages, while still letting users configure these constraints.
> > > >
> > > > That is an interesting idea.  Would the other security maintainers be in
> > > > support of such an approach?  Would a LSM be the correct interface?
> > > > Some of the recent work I have done with introducing key usage and CA
> > > > enforcement is difficult for a distro to pick up, since these changes can be
> > > > viewed as a regression.  Each end-user has different signing procedures
> > > > and policies, so making something work for everyone is difficult.  Letting the
> > > > user configure these constraints would solve this problem.
>
> Something definitely needs to be done about controlling the usage of
> x509 certificates.  My concern is the level of granularity.  Would this
> be at the LSM hook level or even finer granaularity?

You lost me, what do you mean by finer granularity than a LSM-based
access control?  Can you give an existing example in the Linux kernel
of access control granularity that is finer grained than what is
provided by the LSMs?

-- 
paul-moore.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ