security_path hooks for xattr

From: Miklos Szeredi
Date: Thu Jan 26 2012 - 07:45:49 EST

Next message: Jens Axboe: "Re: [RFC PATCH v1 1/2] sched: unified sched_powersavings sysfs tunable"
Previous message: Stefano Stabellini: "[PATCH 1/2] hvc_xen: support PV on HVM consoles"
Next in thread: Casey Schaufler: "Re: security_path hooks for xattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarding from an internal bug report:

"AppArmor does not mediate the xattr system calls for confined processes.

As a consequence, a confined process can cross the confinement privilege
boundary by reading or writing to extended attributes that the confined
task should not have access to. The restrictions for security and user
attributes read and write still apply according to DAC; however, this
does not comply with the claim of AppArmor to mediate fipe
operations. The use of extended attributes is very flexible, so that the
effect of a missing mediation can lead to false assumptions in
subsequent policy decisions (eCryptfs)."

AFAIU this boils down to missing security hooks in *xattr().

Would it be possible to add these hooks?

Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jens Axboe: "Re: [RFC PATCH v1 1/2] sched: unified sched_powersavings sysfs tunable"
Previous message: Stefano Stabellini: "[PATCH 1/2] hvc_xen: support PV on HVM consoles"
Next in thread: Casey Schaufler: "Re: security_path hooks for xattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]