From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from jazzdrum.ncsc.mil (zombie.ncsc.mil [144.51.88.131])
	by tarius.tycho.ncsc.mil (8.13.1/8.13.1) with SMTP id l79IBAbX026806
	for <selinux@tycho.nsa.gov>; Thu, 9 Aug 2007 14:11:10 -0400
Received: from mx1.redhat.com (jazzdrum.ncsc.mil [144.51.5.7])
	by jazzdrum.ncsc.mil (8.12.10/8.12.10) with ESMTP id l79IB9k4022148
	for <selinux@tycho.nsa.gov>; Thu, 9 Aug 2007 18:11:10 GMT
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254])
	by mx1.redhat.com (8.13.1/8.13.1) with ESMTP id l79IB4bW003904
	for <selinux@tycho.nsa.gov>; Thu, 9 Aug 2007 14:11:04 -0400
Received: from warthog.cambridge.redhat.com (warthog.cambridge.redhat.com [172.16.18.73])
	by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id l79IB3I4010503
	for <selinux@tycho.nsa.gov>; Thu, 9 Aug 2007 14:11:04 -0400
Received: from redhat.com (localhost.localdomain [127.0.0.1])
	by warthog.cambridge.redhat.com (8.14.1/8.13.8) with ESMTP id l79IB3jl021054
	for <selinux@tycho.nsa.gov>; Thu, 9 Aug 2007 19:11:03 +0100
From: David Howells <dhowells@redhat.com>
In-Reply-To: <830177.29212.qm@web36605.mail.mud.yahoo.com>
References: <830177.29212.qm@web36605.mail.mud.yahoo.com>
To: casey@schaufler-ca.com
Cc: dhowells@redhat.com, torvalds@osdl.org, akpm@osdl.org, steved@redhat.com,
        trond.myklebust@fys.uio.no, linux-fsdevel@vger.kernel.org,
        linux-cachefs@redhat.com, nfsv4@linux-nfs.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
Date: Thu, 09 Aug 2007 19:07:42 +0100
Message-ID: <20954.1186682862@redhat.com>
Sender: owner-selinux@tycho.nsa.gov
List-Id: selinux@tycho.nsa.gov

Casey Schaufler <casey@schaufler-ca.com> wrote:

> This is SELinux specific funtionality and should be done in the
> SELinux code. You should not be adding interfaces that are SELinux
> specific, in this case using secids instead of the LSM blob interfaces.

Is using secids your only objection?  Or are you objecting to the whole
'act-as' concept?

David


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner+w=401wt.eu-S1754812AbXHISIz@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754812AbXHISIz (ORCPT <rfc822;w@1wt.eu>);
	Thu, 9 Aug 2007 14:08:55 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1754200AbXHISIf
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Thu, 9 Aug 2007 14:08:35 -0400
Received: from mx1.redhat.com ([66.187.233.31]:40183 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1757299AbXHISIe (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 9 Aug 2007 14:08:34 -0400
Organization: Red Hat UK Ltd. Registered Address: Red Hat UK Ltd, Amberley
	Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United
	Kingdom.
	Registered in England and Wales under Company Registration No. 3798903
From: David Howells <dhowells@redhat.com>
In-Reply-To: <830177.29212.qm@web36605.mail.mud.yahoo.com>
References: <830177.29212.qm@web36605.mail.mud.yahoo.com>
To: casey@schaufler-ca.com
Cc: dhowells@redhat.com, torvalds@osdl.org, akpm@osdl.org, steved@redhat.com,
       trond.myklebust@fys.uio.no, linux-fsdevel@vger.kernel.org,
       linux-cachefs@redhat.com, nfsv4@linux-nfs.org,
       linux-kernel@vger.kernel.org
Subject: Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
X-Mailer: MH-E 8.0.3; nmh 1.2-20070115cvs; GNU Emacs 22.1.50
Date: Thu, 09 Aug 2007 19:07:42 +0100
Message-ID: <20954.1186682862@redhat.com>
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org

Casey Schaufler <casey@schaufler-ca.com> wrote:

> This is SELinux specific funtionality and should be done in the
> SELinux code. You should not be adding interfaces that are SELinux
> specific, in this case using secids instead of the LSM blob interfaces.

Is using secids your only objection?  Or are you objecting to the whole
'act-as' concept?

David

From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Howells <dhowells@redhat.com>
Subject: Re: [PATCH 09/14] CacheFiles: Permit a process's
	create SID to be overridden [try #2]
Date: Thu, 09 Aug 2007 19:07:42 +0100
Message-ID: <20954.1186682862@redhat.com>
References: <830177.29212.qm@web36605.mail.mud.yahoo.com>
Reply-To: Linux filesystem caching discussion list <linux-cachefs@redhat.com>
Cc: akpm@osdl.org, linux-kernel@vger.kernel.org, nfsv4@linux-nfs.org,
	trond.myklebust@fys.uio.no, torvalds@osdl.org,
	linux-cachefs@redhat.com, linux-fsdevel@vger.kernel.org
To: casey@schaufler-ca.com
Return-path: <linux-cachefs-bounces@redhat.com>
In-Reply-To: <830177.29212.qm@web36605.mail.mud.yahoo.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-cachefs>,
	<mailto:linux-cachefs-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-cachefs>
List-Post: <mailto:linux-cachefs@redhat.com>
List-Help: <mailto:linux-cachefs-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-cachefs>,
	<mailto:linux-cachefs-request@redhat.com?subject=subscribe>
Sender: linux-cachefs-bounces@redhat.com
Errors-To: linux-cachefs-bounces@redhat.com
List-Id: linux-fsdevel.vger.kernel.org

Casey Schaufler <casey@schaufler-ca.com> wrote:

> This is SELinux specific funtionality and should be done in the
> SELinux code. You should not be adding interfaces that are SELinux
> specific, in this case using secids instead of the LSM blob interfaces.

Is using secids your only objection?  Or are you objecting to the whole
'act-as' concept?

David