Kernel Newbies archive on lore.kernel.org
 help / Atom feed
* HOW CONFIG_DEFAULT_SECURITY affect precedence of decisions between LSM and Linux DAC ?
@ 2018-11-24 18:15 levonshe
  2018-11-24 18:15 ` Lev Olshvang
  0 siblings, 1 reply; 2+ messages in thread
From: levonshe @ 2018-11-24 18:15 UTC (permalink / raw)
  To: kernelnewbies

An HTML attachment was scrubbed...
URL: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20181124/d8f81988/attachment.html>

^ permalink raw reply	[flat|nested] 2+ messages in thread

* HOW CONFIG_DEFAULT_SECURITY affect precedence of decisions between LSM and Linux DAC ?
  2018-11-24 18:15 HOW CONFIG_DEFAULT_SECURITY affect precedence of decisions between LSM and Linux DAC ? levonshe
@ 2018-11-24 18:15 ` Lev Olshvang
  0 siblings, 0 replies; 2+ messages in thread
From: Lev Olshvang @ 2018-11-24 18:15 UTC (permalink / raw)
  To: kernelnewbies

[-- Attachment #1: Type: text/html, Size: 6529 bytes --]

<div xmlns="http://www.w3.org/1999/xhtml"><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">One of the  choices of security options proposes to select default security</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">CONFIG_DEFAULT_SECURITY</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">User can select  traditional Unix DAC or one of LSMs.</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">Suppose CONFIG_DEFAULT_SECURITY_DAC=y  selected.</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">I wonder how it affects LSM policy decisions?</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">Lets take file permissions</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">file fs/namei.c, kernel 4.8</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">__inode_permission ---&gt; do_inode_permission --&gt; generic_permission :</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"><div>/*</div><div>         * Do the basic permission checks.</div><div>         */</div><div>        ret = acl_permission_check(inode, mask);</div><div>     <div>       if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH))</div><div>                        return 0;</div><div> </div><div>         <div>do_inode_permission(inode, mask);</div><div>        if (retval)</div><div>                return retval;</div><div> </div><div>       ...</div><div> </div><div>        retval = devcgroup_inode_permission(inode, mask);</div><div>        if (retval)</div><div>                return retval;</div><div> </div><div>        return security_inode_permission(inode, mask);</div></div></div><div> </div></div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">from reading the code we see that first file ACL is consulted, then unix UID/GID then</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">capabilties and finally security_inode_permissions, i.e LSM</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">So the questioned config option seems obsolete ?</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">Wheher LSM always consulted last ?</div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;"> </div><div style="background-color:transparent;color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:15px;font-style:normal;font-variant:normal;font-weight:400;text-align:left;text-decoration:none;text-transform:none;white-space:normal;">Am I write ? Perhaps I miss another code path?</div></div>

[-- Attachment #2: Type: text/plain, Size: 170 bytes --]

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-11-24 18:15 HOW CONFIG_DEFAULT_SECURITY affect precedence of decisions between LSM and Linux DAC ? levonshe
2018-11-24 18:15 ` Lev Olshvang

Kernel Newbies archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/kernelnewbies/0 kernelnewbies/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 kernelnewbies kernelnewbies/ https://lore.kernel.org/kernelnewbies \
		kernelnewbies@kernelnewbies.org kernelnewbies@archiver.kernel.org
	public-inbox-index kernelnewbies


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernelnewbies.kernelnewbies


AGPL code for this site: git clone https://public-inbox.org/ public-inbox