Re: [PATCH 08/28] SECURITY: Allow kernel services to override LSMsettings for task actions [try #2]

From: Stephen Smalley
Date: Tue Jan 15 2008 - 11:09:17 EST



On Tue, 2008-01-15 at 16:03 +0000, David Howells wrote:
> Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
>
> > > (3) Check that the kernel may create files as a particular secid (this
> > > could be specified indirectly by specifying an inode, which would
> > > hide the secid inside the LSM).
> >
> > I don't think this check is on the kernel per se but rather the ability
> > of the daemon to nominate a secid for use on files created later by the
> > kernel module.
>
> Hmmm... At the moment the cachefiles module works out for itself what the
> file label should be by looking at the root directory it was given and
> assuming the label on that is what it's going to be using. Are you suggesting
> this should be specified directly instead by the daemon?

No, just that however the secid is determined (whether indirectly via
specification of a directory or directly via specification of a secid),
the ability of the daemon to control what secid gets used ought to be
controlled. Or, alternatively, the ability of the daemon to enable
caching in a given directory ought to be controlled.

--
Stephen Smalley
National Security Agency

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/