Re: [PATCH 2/3] SELinux: add security_task_movememory calls to mmcode
From: James Morris
Date: Thu Jun 22 2006 - 15:09:18 EST
On Thu, 22 Jun 2006, Serge E. Hallyn wrote:
> sorry if I'm being dense - what is actually being protected against
> here? The only thing I can think of is one process causing performance
> degradation to another by moving it's memory further from it's cpu on a
> NUMA machine.
This is a privileged operation, which currently relies only on uid (i.e.
traditional Unix DAC), and capability checking.
SELinux introduces Mandatory Access Control (MAC) based upon all
security-relevant attributes of tasks and objects, not just uid/capability
checks. Theoretically, all processes could run with euid==0 under SELinux
(in fact, Russell Coker's 'play box' does something similar by giving out
the root password to everyone, although SELinux is designed to complement
DAC, not replace it).
Any privileged operations with DAC controls also need corresponding MAC
controls, which is what this patch implements.
- James
--
James Morris
<jmorris@xxxxxxxxx>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/