From: Paul Moore <paul.moore@hp.com>
To: James Morris <jmorris@namei.org>
Cc: selinux@tycho.nsa.gov
Subject: Re: [RFC PATCH 0/2] Series short description
Date: Tue, 25 Sep 2007 18:38:58 -0400 [thread overview]
Message-ID: <200709251838.58272.paul.moore@hp.com> (raw)
In-Reply-To: <Xine.LNX.4.64.0709251525260.26141@us.intercode.com.au>
On Tuesday 25 September 2007 6:28:48 pm James Morris wrote:
> On Tue, 25 Sep 2007, Paul Moore wrote:
> > This patchset has two patches in it which I would like to get some
> > feedback on. The first patch adds a functionality/compatability version
> > number to the policy so that we can add new functionality to the kernel
> > which would lie dormant until the correct policy was loaded - it is not
> > intended to replace Eric's undefined classes/perms work but to compliment
> > it.
>
> Can you explain the expected usage scenarios for this?
The one example that springs immediately to mind is the two separate checks
for peer labels (one for NetLabel, one for labeled IPsec) in
selinux_sock_rcv_skb(). As discussed on the list, we would like to move to a
single check for the peer label. Unfortunately, this runs into problems with
backwards compatibility with people using old policy on new kernels. The
idea here was that the kernel would have code for both types of access
control and depending on the policy loaded it would select which type of
access control to use.
> We already have versioning of policy, and will have the ability to reject,
> ignore or enforce unknown elements, so why do we need this and how would
> it typically be used?
Eric suggested using the policy version to achieve the same thing; if no one
objects to using the policy version number for this purpose I'm more than
happy to use it.
> Should we instead start thinking about versioning each permission & class?
> i.e. create a fully versioned interface
This question nags at me, but I keep ignoring it because I fear that a fully
versioned avc interface would be overkill in the majority of cases and only
serve to slow down the access checks.
--
paul moore
linux security @ hp
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2007-09-25 22:40 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-09-25 20:48 [RFC PATCH 0/2] Series short description Paul Moore
2007-09-25 20:48 ` [RFC PATCH 1/2] [SELINUX] Add a functionality version number Paul Moore
2007-09-25 21:12 ` Eric Paris
2007-09-25 21:16 ` Paul Moore
2007-09-25 20:48 ` [RFC PATCH 2/2] [SELINUX] Better integration between peer labeling subsystems Paul Moore
2007-09-25 21:37 ` Eric Paris
2007-09-25 22:01 ` Paul Moore
2007-09-25 22:38 ` James Morris
2007-09-25 22:48 ` Paul Moore
2007-09-26 12:41 ` Stephen Smalley
2007-09-26 15:46 ` Paul Moore
2007-09-26 16:18 ` Paul Moore
2007-09-25 22:28 ` [RFC PATCH 0/2] Series short description James Morris
2007-09-25 22:38 ` Paul Moore [this message]
2007-09-26 2:19 ` Joshua Brindle
2007-09-26 3:12 ` Paul Moore
2007-09-26 13:18 ` Joshua Brindle
2007-09-26 13:29 ` Stephen Smalley
2007-09-26 16:00 ` Paul Moore
2007-09-26 16:43 ` Joshua Brindle
2007-09-26 16:48 ` Stephen Smalley
2007-09-26 16:54 ` Paul Moore
2007-09-26 16:57 ` Joshua Brindle
2007-09-26 17:04 ` Paul Moore
2007-09-26 20:39 ` Joshua Brindle
2007-09-26 20:46 ` Paul Moore
2007-09-26 20:36 ` Joshua Brindle
2007-09-26 20:32 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200709251838.58272.paul.moore@hp.com \
--to=paul.moore@hp.com \
--cc=jmorris@namei.org \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.