Re: Real simple cache that removes most of the lookups in mcstrans

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Joshua Brindle <method@gentoo.org>
To: russell@coker.com.au
Cc: Daniel J Walsh <dwalsh@redhat.com>,
	Stephen Smalley <sds@tycho.nsa.gov>,
	Steve Grubb <sgrubb@redhat.com>, SE Linux <selinux@tycho.nsa.gov>
Subject: Re: Real simple cache that removes most of the lookups in mcstrans
Date: Fri, 19 May 2006 09:51:08 -0400	[thread overview]
Message-ID: <446DCD4C.6000303@gentoo.org> (raw)
In-Reply-To: <200605192333.01639.russell@coker.com.au>

Russell Coker wrote:
> On Thursday 18 May 2006 01:15, Joshua Brindle <method@gentoo.org> wrote:
>   
>>> Yes, you mean translation change, I think.  Since I do not see where
>>> policy reload would effect this.  We could add some kind of timer to
>>> this, but refreshing the cache is a small problem, but this same
>>> problem existed with shared libraries.
>>>       
>> Because on an MLS system the server will be deciding whether or not you
>> have permission to see a particular translation and a policy reload
>> would affect that. The same problem did exist with the shared libraries
>> but we aren't using them anymore :) the server should be smart enough to
>> handle this. If client side caching is really desired it needs to work
>> like an avc where you can get flush notifications from the server.
>>     
>
> Client side caching is not required to work the same way as server-side.
>
> The idea behind SE Linux is that the kernel enforces access control in almost 
> all situations, and that applications which enforce access control are the 
> exception (this means crond, login programs, the X server for SE-X, and not 
> much else).
>
> If an application such as "ls" gets a copy of the translation data then there 
> is no point in writing the library code such that the data can not be 
> (easily) displayed a second time.  The information once available is presumed 
> to have already been displayed to the user or stored in a way such that it 
> can be obtained in another manner.
>   
If that were true we wouldn't revoke access to file descriptors (or 
files) after a policy reload. And you are still ignoring the case where 
the translation actually changes. My worry isn't ls (which is one-shot, 
and executes quickly most of the time), _anything_ that uses this 
library code now caches the answer and if its a long running process 
then it has no way of knowing when translations have changed or access 
has been revoked.

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

next prev parent reply	other threads:[~2006-05-19 13:51 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-05-17 10:45 Real simple cache that removes most of the lookups in mcstrans Daniel J Walsh
2006-05-17 12:26 ` Steve Grubb
2006-05-17 13:52 ` Joshua Brindle
2006-05-17 15:03   ` Daniel J Walsh
2006-05-17 15:15     ` Joshua Brindle
2006-05-17 16:21       ` Daniel J Walsh
2006-05-17 17:09         ` Joshua Brindle
2006-05-17 17:30           ` Steve Grubb
2006-05-17 17:32             ` Joshua Brindle
2006-05-19 13:32       ` Russell Coker
2006-05-19 13:51         ` Joshua Brindle [this message]
2006-05-19 14:07           ` Stephen Smalley
2006-05-19 14:40             ` Russell Coker
2006-05-20 21:47             ` Joshua Brindle
2006-05-21  3:31               ` Russell Coker
2006-05-22 18:04               ` Stephen Smalley
2006-05-17 16:22 ` James Antill
     [not found] ` <1147879972.3469.139.camel@code.and.org>
2006-05-17 16:19   ` Daniel J Walsh
2006-05-17 16:56     ` James Antill
2006-05-17 17:06       ` Stephen Smalley
2006-05-18 16:21         ` Daniel J Walsh
2006-05-17 18:22   ` Daniel J Walsh
2006-05-22 20:45     ` Stephen Smalley
2006-05-17 18:35   ` Resent with correct patch Daniel J Walsh
2006-05-17 18:44     ` Stephen Smalley

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=446DCD4C.6000303@gentoo.org \
    --to=method@gentoo.org \
    --cc=dwalsh@redhat.com \
    --cc=russell@coker.com.au \
    --cc=sds@tycho.nsa.gov \
    --cc=selinux@tycho.nsa.gov \
    --cc=sgrubb@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.