Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

From: Stephen Smalley (sds@epoch.ncsc.mil)
Date: Thu Apr 24 2003 - 15:07:22 EST


On Thu, 2003-04-24 at 15:47, Chris Wright wrote:
> Yes, there was also some mention of the permission issue w.r.t. HSM and
> (i vaguely recall) an xattr interface proposed that noted if the request was
> internal from the kernel (skip the capable check) or on behalf of user.
> If this were carried through, it could suffice, no?

You still wouldn't want the security check implemented in the xattr
handler (even for calls on behalf of user processes), because it will
differ depending on the security module and may require the full
contextual information (process and inode). Effectively, you would have
to just implement a call from the xattr handler to the security module,
and we already have hook calls from the [gs]etxattr system call code to
the security module to support such permission checking for user
processes.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Apr 30 2003 - 22:00:18 EST