From: David Howells <dhowells@redhat.com>
To: James Morris <jmorris@namei.org>
Cc: David Howells <dhowells@redhat.com>,
	Chris Wright <chrisw@osdl.org>, Andrew Morton <akpm@osdl.org>,
	Linus Torvalds <torvalds@osdl.org>,
	keyrings@linux-nfs.org, linux-kernel@vger.kernel.org,
	Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [Keyrings] [PATCH] Keys: Add LSM hooks for key management
Date: Thu, 06 Oct 2005 16:18:02 +0100
Message-ID: <30209.1128611882@warthog.cambridge.redhat.com>
In-Reply-To: <Pine.LNX.4.63.0510061053180.26758@excalibur.intercode>

James Morris <jmorris@namei.org> wrote:

> > > Access checks seem to be usually done before this point via 
> > > lookup_user_key(), which is ideal.
> > 
> > Eh? lookup_user_key()? That's not necessarily called before, not if you're
> > creating a key.
> 
> I thought this was generally called before key operations.
> 
> For example, sys_add_key() calls it with KEY_WRITE against the destination 
> keyring.

Yes, but not in regard to the new key, which is what I thought you were
implying.

Besides, it's logically two operations: create key and link key to
keyring. The reason they have to be combined is that the key would be
immediately destroyed if it wasn't attached to a keyring.

The permissions check done on the keyring merely assures that the keyring can
be modified, not that a new key may or may not actually be created.

Maybe we're talking at cross-purposes here.

> > > I don't think SELinux would care about this yet.  If so, the hook can be 
> > > added later.
> > 
> > Auditing?
> 
> SELinux does not audit object creation; it will sometimes use a _post hook
> to update its internal state or perform the access control check for
> creating the object.

I meant the auditing service. Doesn't that use the security module hooks?

David
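As an added illustration of the point made above (this is example code, not the patch under discussion and not kernel code): a toy C model in which creating a key and linking it into a keyring are separate steps, the keyring's KEY_WRITE check gates only the link, a hypothetical creation hook gates the create, and a key that ends up in no keyring is destroyed when its refcount drops to zero. The struct layout, the hook signature and the two policy functions are constructed for this example.

```c
/* Toy model, not kernel code: add_key() as two logical operations, create a
 * key and link it into a keyring. Names and permission bits are constructed. */
#include <stdlib.h>

#define KEY_WRITE 0x02                 /* constructed "may modify keyring" bit */
#define KEYRING_SLOTS 4

struct key {
    int refcount, nlinks;              /* refcount 0 => key is destroyed */
    unsigned perm;                     /* permission mask of this keyring */
    struct key *links[KEYRING_SLOTS];  /* keys linked into this keyring */
};

/* Hypothetical LSM-style creation hook: decides whether the caller may create
 * a key of this type at all, independently of any destination keyring. */
typedef int (*create_hook_t)(const char *type);
static int policy_allow(const char *type) { (void)type; return 1; }
static int policy_deny(const char *type)  { (void)type; return 0; }

static int keys_destroyed;             /* keys freed so far, for the reader */

static void key_put(struct key *k)
{
    if (k && --k->refcount == 0) { keys_destroyed++; free(k); }
}

/* Linking performs the KEY_WRITE check on the destination keyring: it only
 * says the keyring may be modified, not that a new key may be created. */
static int key_link(struct key *keyring, struct key *key)
{
    if (!(keyring->perm & KEY_WRITE) || keyring->nlinks >= KEYRING_SLOTS)
        return -1;
    keyring->links[keyring->nlinks++] = key;
    key->refcount++;                   /* the keyring now holds a reference */
    return 0;
}

/* Returns 0 on success, -2 if creation is denied, -1 if linking fails. */
static int add_key(struct key *keyring, const char *type, create_hook_t hook)
{
    struct key *k;
    if (hook && !hook(type))           /* creation decision, separate from keyring */
        return -2;
    k = calloc(1, sizeof(*k));
    if (!k) return -3;
    k->refcount = 1;                   /* creator's reference only */
    if (key_link(keyring, k) != 0) { key_put(k); return -1; } /* unlinked: destroyed */
    key_put(k);                        /* drop creator's ref; keyring keeps the key */
    return 0;
}
```

A writable keyring with a denying creation policy and a read-only keyring with an allowing policy both refuse the add, for different reasons, which is the distinction the message draws.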
