Re: [rsbac] Thoughts on the "No Linux Security Modules framework" old claims

[Amon Ott]

On Donnerstag 24 Februar 2005 01:55, Kurt Garloff wrote:
> On Mon, Feb 21, 2005 at 11:19:16AM +0100, Amon Ott wrote:
> > Without rechecking the current state: At least the last time I 
> > checked, the hardwired kernel capabilities were explicitely 
disabled 
> > when LSM got switched on. You had to use the capabilities LSM 
module 
> > instead, which was not able to stack. It always had to be the last 
in 
> > the chain, thus effectively sealing against any other LSM module 
to 
> > be loaded later.
> 
> My patches posted Feb 13 fix this.
> 
> If you apply them (and I hope Linus will), capabilities is default
> and you can replace that by loading an LSM. You can stack capability
> on top of the primary LSM again, if the latter supports this.

Well, not quite, although it is an improvement.

As long as the capabilities module does not support stacking, anybody 
needing capabilities and e.g. on-access scanning with Dazuko will 
have to unload this module, load another module, and reload it. This 
creates a nasty race condition. BTW, what happens if capabilities 
have been compiled static, not as a module?

AFAIK, not all LSM modules provide correct stacking. At least all 
modules in the main line kernel should really support the official 
way. But this is just a few cents from someone not using LSM...

Amon.
-- 
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22

Attachment: pgp00000.pgp
Description: PGP signature