Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
From: James Morris <jmorris@namei.org>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Paul Moore <paul@paul-moore.com>,
	Kees Cook <keescook@chromium.org>,
	Casey Schaufler <casey@schaufler-ca.com>,
	selinux@vger.kernel.org, linux-security-module@vger.kernel.org,
	David Howells <dhowells@redhat.com>
Subject: Re: [PATCH] selinux: fix residual uses of current_security() for the SELinux blob
Date: Fri, 6 Sep 2019 06:55:27 +1000 (AEST)
Message-ID: <alpine.LRH.2.21.1909060644570.1710@namei.org> (raw)
In-Reply-To: <b5705661-089a-cb9c-53b5-21b855937638@tycho.nsa.gov>

On Thu, 5 Sep 2019, Stephen Smalley wrote:

> For the next and any future rounds of stacking support, I'm hoping we can be a
> bit more rigorous in our code review and testing requirements.

After the 5th iteration of the patchset and with everything having at 
least one trusted reviewer, I did ask the list if there were any 
objections and stated I would otherwise merge to v4.21:

http://kernsec.org/pipermail/linux-security-module-archive/2018-December/010209.html

Regardless, from now I'll also require signoffs from all of the major LSMs 
on these kinds of changes.

I'd have to say I also have concerns about the direction of LSM stacking 
and what its final goal is.  It seems to makes sense to be able to stack 
Apparmor inside SELinux or Smack, so that folk can use AA system 
containers on an SELinux or Smack host.

We've not seen other proposed use-cases for full stacking materialize in a 
sustained and viable manner.

Are there really any beyond AA inside a labeling LSM?  Because if not I 
think this is a reasonable goal state for LSM stacking until we concretely 
know otherwise.


-- 
James Morris
<jmorris@namei.org>


      reply index

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-04 14:32 Stephen Smalley
2019-09-04 15:16 ` Casey Schaufler
2019-09-04 15:31 ` Stephen Smalley
2019-09-04 16:46   ` John Johansen
2019-09-04 19:35 ` James Morris
2019-09-04 22:50 ` Paul Moore
2019-09-05 20:01   ` Stephen Smalley
2019-09-05 20:55     ` James Morris [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=alpine.LRH.2.21.1909060644570.1710@namei.org \
    --to=jmorris@namei.org \
    --cc=casey@schaufler-ca.com \
    --cc=dhowells@redhat.com \
    --cc=keescook@chromium.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=sds@tycho.nsa.gov \
    --cc=selinux@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org
	public-inbox-index linux-security-module

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git