From: Eric Paris <eparis@redhat.com>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: Re: SELinux/SMACK/TOMOYO: ioctl permissions handling is wrong and nonsensical
Date: Fri, 21 Jan 2011 21:15:49 -0500
Message-ID: <1295662551.2914.0.camel@localhost.localdomain>
In-Reply-To: <201101221101.JJB35923.OFJOOtMFSQFLVH@I-love.SAKURA.ne.jp>

On Sat, 2011-01-22 at 11:01 +0900, Tetsuo Handa wrote:
> Eric Paris wrote:
> > I'm planning to revert this SELinux commit, but I want other LSM authors
> > to realize that (assuming I'm not completely off in the woods somewhere)
> > you should take a look at your ioctl permissions checking as well....
>
> Since the mapping of ioctl cmd number and what the kernel does with that number
> is unknown for LSM modules, TOMOYO does not use permission bits.
> TOMOYO simply checks ioctl cmd number value passed to ioctl() requests.
> For example,
>
> file ioctl /dev/tty0 0x4B4E
> file ioctl /dev/console 0x5402
> file ioctl /dev/snd/controlC0 0x80045500
> file ioctl socket:[family=2:type=1:protocol=6] 0x8942
> file ioctl socket:[family=2:type=2:protocol=17] 0x8913
>
> http://tomoyo.sourceforge.jp/cgi-bin/lxr/source/centos5.5/domain_policy.conf?v=policy-sample
>
> So, I think there is nothing to change for TOMOYO.

You are correct; I thought I saw you guys doing something similar, but
that is clearly not the case. It's just SELinux and SMACK that are
doing it wrong.

-Eric
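Decoding the command numbers in the sample policy Tetsuo quoted shows concretely why TOMOYO treats the number as an opaque token rather than reading permission bits out of it. The following is an added example, not code from this thread or from TOMOYO, SELinux or SMACK: it splits each number into the kernel's _IOC fields and then applies a TOMOYO-style exact (object, number) allow list built from the quoted policy lines. It assumes the generic asm-generic/ioctl.h field layout (8-bit nr, 8-bit type, 14-bit size, 2-bit dir, as on x86 and most architectures); the IOC_* macros, decode_ioc, ioc_has_encoded_dir and policy_allows are this example's own names.

```c
/* Added example, not code from this thread or from TOMOYO/SELinux/SMACK.
 * Decodes ioctl command numbers with the kernel's _IOC field layout and
 * applies a TOMOYO-style exact-number allow list built from the sample
 * policy lines quoted in the thread. Assumes the asm-generic ioctl.h layout
 * (8-bit nr, 8-bit type, 14-bit size, 2-bit dir); the macro names below are
 * this example's own, not the kernel's. */
#include <stdio.h>
#include <string.h>

#define IOC_NRBITS    8
#define IOC_TYPEBITS  8
#define IOC_SIZEBITS  14
#define IOC_DIRBITS   2
#define IOC_NRSHIFT   0
#define IOC_TYPESHIFT (IOC_NRSHIFT + IOC_NRBITS)
#define IOC_SIZESHIFT (IOC_TYPESHIFT + IOC_TYPEBITS)
#define IOC_DIRSHIFT  (IOC_SIZESHIFT + IOC_SIZEBITS)
#define IOC_NONE  0u   /* _IO():  no argument direction encoded            */
#define IOC_WRITE 1u   /* _IOW(): userland writes, kernel reads the arg     */
#define IOC_READ  2u   /* _IOR(): userland reads, kernel writes the arg     */

struct ioc_fields {
    unsigned int dir;   /* 0 = none, 1 = write, 2 = read, 3 = read|write */
    unsigned int type;  /* "magic" byte, e.g. 'T' (0x54) for termios */
    unsigned int nr;    /* sequence number within the type */
    unsigned int size;  /* argument size, 0 if not encoded */
};

/* Split a command number into its four _IOC fields. */
struct ioc_fields decode_ioc(unsigned int cmd)
{
    struct ioc_fields f;
    f.dir  = (cmd >> IOC_DIRSHIFT)  & ((1u << IOC_DIRBITS)  - 1);
    f.type = (cmd >> IOC_TYPESHIFT) & ((1u << IOC_TYPEBITS) - 1);
    f.nr   = (cmd >> IOC_NRSHIFT)   & ((1u << IOC_NRBITS)   - 1);
    f.size = (cmd >> IOC_SIZESHIFT) & ((1u << IOC_SIZEBITS) - 1);
    return f;
}

/* 1 if the number carries a direction (built with _IOR/_IOW/_IOWR), 0 if it
 * is an _IO() or pre-_IOC legacy number such as 0x5402. In the 0 case the
 * number alone says nothing about whether the driver reads or writes, which
 * is why an LSM cannot derive a read/write permission from it. */
int ioc_has_encoded_dir(unsigned int cmd)
{
    return decode_ioc(cmd).dir != IOC_NONE;
}

struct ioctl_rule { const char *path; unsigned int cmd; };

/* Constructed allow list: the "file ioctl <object> <cmd>" lines from the
 * sample TOMOYO policy quoted above. */
static const struct ioctl_rule policy[] = {
    { "/dev/tty0",                            0x4B4E },
    { "/dev/console",                         0x5402 },
    { "/dev/snd/controlC0",                   0x80045500 },
    { "socket:[family=2:type=1:protocol=6]",  0x8942 },
    { "socket:[family=2:type=2:protocol=17]", 0x8913 },
};

/* TOMOYO-style decision: exact match on (object, cmd). The number is an
 * opaque token here; none of its bit fields influence the result. */
int policy_allows(const char *path, unsigned int cmd)
{
    size_t i;
    for (i = 0; i < sizeof policy / sizeof policy[0]; i++)
        if (policy[i].cmd == cmd && strcmp(policy[i].path, path) == 0)
            return 1;
    return 0;
}

static const char *dir_name(unsigned int dir)
{
    static const char *names[] = { "none", "write", "read", "read|write" };
    return names[dir & 3];
}

/* Print what the number itself reveals for each policy entry. */
int main(void)
{
    size_t i;
    for (i = 0; i < sizeof policy / sizeof policy[0]; i++) {
        struct ioc_fields f = decode_ioc(policy[i].cmd);
        printf("%-38s 0x%08X dir=%-10s type=0x%02X nr=0x%02X size=%u%s\n",
               policy[i].path, policy[i].cmd, dir_name(f.dir),
               f.type, f.nr, f.size,
               ioc_has_encoded_dir(policy[i].cmd) ? ""
                                                  : "  (no direction encoded)");
    }
    return 0;
}
```

Of the five quoted numbers only 0x80045500 carries a direction and size field; 0x4B4E, 0x5402, 0x8942 and 0x8913 decode with dir=none and size=0, so a checker that maps direction bits to read/write permissions has nothing to go on for them. Matching the raw number against a per-object list, as policy_allows does, sidesteps that problem at the cost of having to enumerate the numbers.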
Thread overview:
2011-01-21 19:30 SELinux/SMACK/TOMOYO: ioctl permissions handling is wrong and nonsensical  Eric Paris
2011-01-21 19:50 ` Casey Schaufler
2011-01-21 21:37 ` Stephen Smalley
2011-01-22 2:01 ` Tetsuo Handa
2011-01-22 2:15 ` Eric Paris [this message]