From: jmorris@namei.org (James Morris)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks
Date: Wed, 2 May 2018 05:02:11 +1000 (AEST) [thread overview]
Message-ID: <alpine.LRH.2.21.1805020502050.11549@namei.org> (raw)
In-Reply-To: <CAMp4zn9Mfm6Spq1S+u-ny+Sf8Umn29+SWTWLbOrMm7_PPfXeTw@mail.gmail.com>
On Mon, 30 Apr 2018, Sargun Dhillon wrote:
> > It varies. Container people are a diverse lot.
> >
> >> Use different LSM module for different container?
> >
> One dumb use case I have is the ability to limit interactions with
> PTYs for containerized applications. Another aspect of this is being
> able to write policies in C, and actually being able to control the
> nitty gritty of what's going on, versus actively fighting with the
> LSM(s).
Writing policies in C sounds like a breach of the principle of separating
mechanism and policy. This has been an important aspect of the LSM API
and also of the major LSMs. Hard-coded security policy is likely to be
brittle, inflexible, and difficult to manage. It's also blurring the
boundary of LSM with the rest of the kernel, and making it even more
difficult for core kernel developers to know what might break in LSM land
when they make changes elsewhere.
Can you provide an example of what you want to do?
--
James Morris
<jmorris@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2018-05-01 19:02 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-25 8:58 [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks Sargun Dhillon
2018-04-25 8:58 ` [PATCH v7 1/6] security: Move LSM registration arguments to struct lsm_info Sargun Dhillon
2018-05-01 18:34 ` James Morris
2018-05-01 19:19 ` Kees Cook
2018-05-01 19:35 ` Sargun Dhillon
2018-04-25 8:59 ` [PATCH v7 2/6] security: Make security_hook_heads private Sargun Dhillon
2018-04-25 8:59 ` [PATCH v7 3/6] security: Introduce mutable (RW) hooks Sargun Dhillon
2018-04-25 8:59 ` [PATCH v7 4/6] security: Expose security_add_hooks externally and add error handling Sargun Dhillon
2018-04-25 8:59 ` [PATCH v7 5/6] security: Panic on forced unloading of security module Sargun Dhillon
2018-04-25 8:59 ` [PATCH v7 6/6] security: Add SECURITY_UNREGISTRABLE_HOOKS to allow for hook removal Sargun Dhillon
2018-04-26 7:15 ` [PATCH v7 0/6] Safe LSM (un)loading, and immutable hooks Tetsuo Handa
2018-04-26 7:41 ` Sargun Dhillon
2018-04-26 12:07 ` Tetsuo Handa
2018-04-26 16:40 ` Sargun Dhillon
2018-04-26 17:29 ` Sargun Dhillon
2018-04-27 13:25 ` Tetsuo Handa
2018-04-27 20:21 ` Sargun Dhillon
2018-04-27 20:45 ` Casey Schaufler
2018-04-29 11:49 ` Tetsuo Handa
2018-04-29 21:23 ` Casey Schaufler
2018-04-30 16:11 ` Sargun Dhillon
2018-04-30 16:46 ` Casey Schaufler
2018-04-30 18:25 ` Sargun Dhillon
2018-04-30 19:37 ` Casey Schaufler
[not found] ` <f4f44e71-8df2-e5e6-d213-cf97eda6cb4a@digikod.net>
2018-05-01 20:42 ` James Morris
2018-04-30 21:16 ` James Morris
2018-04-30 21:29 ` Sargun Dhillon
2018-05-01 18:49 ` James Morris
2018-05-01 19:02 ` James Morris [this message]
2018-04-27 20:32 ` Sargun Dhillon
2018-04-27 20:59 ` Casey Schaufler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LRH.2.21.1805020502050.11549@namei.org \
--to=jmorris@namei.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.