Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

From: Chris Wright (chris@wirex.com)
Date: Thu Apr 24 2003 - 15:47:02 EST

Next message: Andy Pfiffer: "Re: [dcl_discussion] [ANNOUNCE] OSDL Whitepaper: "Reducing System Reboot Time With Kexec""
Previous message: Pavel Machek: "Re: Fix SWSUSP & !SWAP"
In reply to: Andreas Dilger: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
Next in thread: Chris Wright: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Andreas Dilger (adilger@clusterfs.com) wrote:
>
> Couldn't that be used to do the trusted-namespace- means-CAP_SYS_ADMIN
> checks, but it can be replaced by other LSM security modules if desired?

I think that's what Stephen is saying. The issue is, the "trusted."
handler uses CAP_SYS_ADMIN internally, after any other LSM check has
already occurred. And the capable() check is too simple to know things
like which inode's xattr is in question at the moment or which namespace.
So Stephen was suggesting moving it out of the handler and putting it
in core code.

cheers,
-chris

-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Andy Pfiffer: "Re: [dcl_discussion] [ANNOUNCE] OSDL Whitepaper: "Reducing System Reboot Time With Kexec""
Previous message: Pavel Machek: "Re: Fix SWSUSP & !SWAP"
In reply to: Andreas Dilger: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
Next in thread: Chris Wright: "Re: [PATCH] Extended Attributes for Security Modules against 2.5.68"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed Apr 30 2003 - 22:00:18 EST