From: Alan Cox <gnomes@lxorguk.ukuu.org.uk>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: jmorris@namei.org, keescook@chromium.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com, casey@schaufler-ca.com,
hch@infradead.org, igor.stoppa@huawei.com,
james.l.morris@oracle.com, paul@paul-moore.com,
sds@tycho.nsa.gov
Subject: Re: [PATCH] LSM: Convert security_hook_heads into explicit array of struct list_head
Date: Wed, 31 May 2017 16:14:54 +0100 [thread overview]
Message-ID: <20170531161454.364632c7@alans-desktop> (raw)
In-Reply-To: <201706010010.EHB81211.LFMOFSQJtFVOOH@I-love.SAKURA.ne.jp>
On Thu, 1 Jun 2017 00:10:07 +0900
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> wrote:
> Alan Cox wrote:
> > > I saw several companies who ship their embedded devices with
> > > single-function LSM modules (e.g. restrict only mount operation and
> > > ptrace operation). What is unfortunate is that their LSM modules had
> > > never been proposed for upstream, and thus bugs remained unnoticed.
> >
> > So which of them cannot be done with seccomp ? We have a small tight
> > interface for simple things like restricting a few calls.
>
> They restricted based on hard-coded rules. seccomp is too much for their cases.
Seccomp is tiny. They may not know how to use it but the job of the
kernel is to provide generic interfaces. Seccomp seems to do that just
fine for simple stuff.
Alan
next prev parent reply other threads:[~2017-05-31 15:16 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-27 11:17 [PATCH] LSM: Convert security_hook_heads into explicit array of struct list_head Tetsuo Handa
2017-05-27 22:30 ` Casey Schaufler
2017-05-28 0:38 ` Tetsuo Handa
2017-05-28 1:04 ` Kees Cook
2017-05-28 1:26 ` Tetsuo Handa
2017-05-28 17:57 ` Casey Schaufler
2017-05-30 10:22 ` James Morris
2017-05-30 14:29 ` Tetsuo Handa
2017-05-30 15:25 ` Alan Cox
2017-05-30 23:06 ` James Morris
2017-05-31 10:41 ` Tetsuo Handa
2017-05-31 11:04 ` James Morris
2017-05-31 11:31 ` Tetsuo Handa
2017-05-31 14:43 ` Alan Cox
2017-05-31 15:10 ` Tetsuo Handa
2017-05-31 15:14 ` Alan Cox [this message]
2017-05-31 9:44 ` José Bollo
2017-05-28 20:29 ` [PATCH v2] " Tetsuo Handa
2017-05-28 21:19 ` Kees Cook
2017-05-29 17:32 ` Casey Schaufler
2017-05-30 10:32 ` James Morris
2017-05-31 20:49 ` Igor Stoppa
2017-05-31 22:56 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170531161454.364632c7@alans-desktop \
--to=gnomes@lxorguk.ukuu.org.uk \
--cc=casey@schaufler-ca.com \
--cc=hch@infradead.org \
--cc=igor.stoppa@huawei.com \
--cc=james.l.morris@oracle.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).