All of lore.kernel.org
 help / color / mirror / Atom feed
From: John Johansen <jjohansen@suse.de>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: Crispin Cowan <crispin@crispincowan.com>,
	"Dr. David Alan Gilbert" <linux@treblig.org>,
	Arjan van de Ven <arjan@infradead.org>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	LSM ML <linux-security-module@vger.kernel.org>,
	apparmor-dev <apparmor-dev@forge.novell.com>
Subject: Re: AppArmor Security Goal
Date: Sat, 10 Nov 2007 19:55:12 -0800	[thread overview]
Message-ID: <20071111035512.GC19216@suse.de> (raw)
In-Reply-To: <601618.10362.qm@web36602.mail.mud.yahoo.com>

[-- Attachment #1: Type: text/plain, Size: 1344 bytes --]

On Sat, Nov 10, 2007 at 06:17:30PM -0800, Casey Schaufler wrote:
> 
> --- Crispin Cowan <crispin@crispincowan.com> wrote:
> 
> > Dr. David Alan Gilbert wrote:
> > ...
> >
> > Can you explain why you want a non-privileged user to be able to edit
> > policy? I would like to better understand the problem here.
> > 
> > Note that John Johansen is also interested in allowing non-privileged
> > users to manipulate AppArmor policy, but his view was to only allow a
> > non-privileged user to further tighten the profile on a program. To me,
> > that adds complexity with not much value, but if lots of users want it,
> > then I'm wrong :)
> 
> Now this is getting interesting. It looks to me as if you've implemented
> a mandatory access control scheme that some people would like to be able
> to use as a discretionary access control scheme. This is creepy after
> seeing the MCS implementation in SELinux, which is also a DAC scheme
> wacked out of a MAC scheme. Very interesting indeed.
> 
hehe perhaps.  There are lots of issues involved with doing something
like this and there are more important issues to address first.
I also don't see it so much of a DAC scheme as a user defining a MAC
for their own processes they don't trust.  An application so confined
would not have the ability to change its confinement.

[-- Attachment #2: Type: application/pgp-signature, Size: 194 bytes --]

  reply	other threads:[~2007-11-11  3:55 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-11-08 21:33 AppArmor Security Goal Crispin Cowan
2007-11-10 21:04 ` Andi Kleen
2007-11-10 21:24   ` Crispin Cowan
2007-11-11  3:23     ` John Johansen
2007-11-10 21:28   ` david
2007-11-11  3:36     ` John Johansen
2007-11-10 22:04 ` Dr. David Alan Gilbert
2007-11-10 22:11   ` Crispin Cowan
2007-11-10 22:24     ` Dr. David Alan Gilbert
2007-11-10 22:41       ` Crispin Cowan
2007-11-10 22:57         ` Alan Cox
2007-11-10 23:14           ` Crispin Cowan
2007-11-10 23:54             ` Alan Cox
2007-11-10 23:25         ` Dr. David Alan Gilbert
2007-11-10 23:52           ` david
2007-11-10 23:47             ` Dr. David Alan Gilbert
2007-11-10 23:56             ` Alan Cox
2007-11-11  1:27               ` david
2007-11-11  3:59                 ` John Johansen
2007-11-12 23:58               ` Crispin Cowan
2007-11-11  4:17             ` John Johansen
2007-11-11  4:50               ` david
2007-11-13  0:13             ` Crispin Cowan
2007-11-11  7:02           ` Rogelio M. Serrano Jr.
2007-11-12 23:50           ` Crispin Cowan
2007-11-13  1:20             ` John Johansen
2007-11-11  2:17         ` Casey Schaufler
2007-11-11  3:55           ` John Johansen [this message]
2007-11-13  0:10           ` Joshua Brindle
2007-11-13  4:58             ` Casey Schaufler
  -- strict thread matches above, loose matches on Subject: below --
2007-11-11  8:16 Rob Meijer
     [not found] <9nngC-6iQ-25@gated-at.bofh.it>
     [not found] ` <9o6Qq-2Hk-17@gated-at.bofh.it>
     [not found]   ` <9o6Qq-2Hk-15@gated-at.bofh.it>
     [not found]     ` <9o706-2Xe-17@gated-at.bofh.it>
     [not found]       ` <9o7jp-3lE-5@gated-at.bofh.it>
     [not found]         ` <9o7Wg-4sT-15@gated-at.bofh.it>
     [not found]           ` <9of7j-7ej-7@gated-at.bofh.it>
2007-11-12 18:43             ` Bodo Eggert

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20071111035512.GC19216@suse.de \
    --to=jjohansen@suse.de \
    --cc=apparmor-dev@forge.novell.com \
    --cc=arjan@infradead.org \
    --cc=casey@schaufler-ca.com \
    --cc=crispin@crispincowan.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=linux@treblig.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.