From: Christoph Hellwig <hch@infradead.org>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: Linus Torvalds <torvalds@transmeta.com>,
"Ted Ts'o" <tytso@mit.edu>,
Andreas Gruenbacher <a.gruenbacher@computer.org>,
Stephen Tweedie <sct@redhat.com>,
lkml <linux-kernel@vger.kernel.org>,
lsm <linux-security-module@wirex.com>
Subject: Re: [PATCH] Extended Attributes for Security Modules against 2.5.68
Date: Wed, 23 Apr 2003 20:26:15 +0100
Message-ID: <20030423202614.A5890@infradead.org>
In-Reply-To: <1051125476.14761.146.camel@moss-huskers.epoch.ncsc.mil>; from sds@epoch.ncsc.mil on Wed, Apr 23, 2003 at 03:17:57PM -0400
On Wed, Apr 23, 2003 at 03:17:57PM -0400, Stephen Smalley wrote:
> On Wed, 2003-04-23 at 14:45, Christoph Hellwig wrote:
> > Random userland shouldn't deal with these xattrs. Remember you are
> > talking about the on-disk representation of your labelling - nothing
> > but the labelling tools should ever touch it.
>
> Not true. ls should be able to display the security label. find should
> be able to locate files that have specific security labels. cp should
> be able to preserve the security label on copies. logrotate should be
> able to preserve the security label when rotating logs. crond should be
> able to check the security label on a crontab spool file to verify
> consistency with the user's credentials with which the cron job will
> run. login/sshd need to set the security label on the user's terminal
> device. You'll find plenty of examples of patched userland in SELinux,
> but none of these patches are specific to a particular set of security
> attributes. They just handle them as strings.
And all these should _not_ happen in the actual tools but in a
pluggable security module (something like pam). Encoding any security
policy and especially an xattr name in those utils is bad.
And see, you start to contradict what you said before - with your
suggestion cron has to know what the label means, so your selinux
cron would do stupid things with, say, my Posix 1003.1e MAC filesystem.
2003-04-23 17:52 [PATCH] Extended Attributes for Security Modules against 2.5.68 Stephen Smalley
2003-04-23 18:17 ` Christoph Hellwig
2003-04-23 18:25 ` Chris Wright
2003-04-23 18:45 ` Christoph Hellwig
2003-04-23 19:17 ` Stephen Smalley
2003-04-23 19:26 ` Christoph Hellwig [this message]
2003-04-23 19:52 ` Stephen Smalley
2003-04-23 20:20 ` Christoph Hellwig
2003-04-24 12:55 ` Stephen Smalley
2003-04-24 13:03 ` Christoph Hellwig
2003-04-24 13:49 ` Stephen Smalley
2003-04-24 18:36 ` Chris Wright
2003-04-24 19:02 ` Stephen Smalley
2003-04-24 19:40 ` Andreas Dilger
2003-04-24 20:04 ` Stephen Smalley
2003-04-24 20:47 ` Chris Wright
2003-04-24 19:47 ` Chris Wright
2003-04-24 20:07 ` Stephen Smalley
2003-04-23 20:07 ` richard offer
2003-04-23 18:54 ` Andreas Dilger
2003-04-23 19:14 ` Stephen Smalley
2003-04-23 19:15 ` Chris Wright
2003-04-23 19:28 ` Valdis.Kletnieks
2003-04-23 19:40 ` Chris Wright
2003-04-23 19:49 ` Valdis.Kletnieks
2003-04-23 18:35 ` Stephen Smalley
2003-04-23 18:42 ` Christoph Hellwig
2003-04-23 18:59 ` Stephen Smalley
2003-04-23 19:09 ` Christoph Hellwig
2003-04-24 5:02 ` Jakob Oestergaard
2003-04-28 15:59 ` Stephen C. Tweedie