From: Andrew Warner <warner@rubix.com>
To: selinux@tycho.nsa.gov
Subject: questions about persistent storage of security contexts
Date: Tue, 22 Jul 2008 01:10:40 +0200 [thread overview]
Message-ID: <48851770.5020002@rubix.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 2166 bytes --]
Hello,
I am currently developing an "SELinux aware" DBMS (primarily TE and MLS)
that is characterized by:
1. The need to store a security context (in some recoverable form) in
our persistent database (storage size of the context is an important factor)
2. The need to frequently perform a high number of security access
checks in a performance sensitive way
My question relates to the first characteristic from above. I am having
trouble deciding on the best way to store the security context in the
database. From my research I see (I think!) three different
representations for a security context: 1) string; 2) raw; 3) SID.
The string representation, generally, seems clear as this is what is
shown in all documentation as the context representation that exists in
user space. My only question regarding the string representation is: is
there is any hard limit to the length of the security context string? Do
I need to allow for no theoretical size limit on a context string if I
choose to store it?
I am inferring the the raw representation exists from seeing *_raw
functions (e.g., security_compute_create_raw) referenced in selinux
header files. Other than seeing these functions declared I am having
trouble finding out much about a raw representation. Is there any
advantage to storing/manipulating a context in its raw representation?
That is, are they more suited for a fast security access check, are they
smaller in size, or do they have a fixed or maximum length?
The SID I have also seen mentioned in various documentations but can
determine little about them. My guess is that they are an integer value
that is used for fast internal access, particularly for the AVC. Are
SIDs indeed integer values? Are they persistent or are they meaningful
only for a particular OS session?
I have also considered maintaining my own internal, persistent mapping
between string based contexts and an integer representation, the mapping
being stored/indexed inside the DBMS. This gives me a small storage
overhead with a fixed size.
Any answers, pointers to documentation, or other help would be greatly
appreciated!
Andy Warner
[-- Attachment #2: Type: text/html, Size: 2510 bytes --]
next reply other threads:[~2008-07-21 23:11 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-07-21 23:10 Andrew Warner [this message]
2008-07-22 0:35 ` questions about persistent storage of security contexts Eric Paris
2008-07-22 1:40 ` KaiGai Kohei
2008-07-22 10:39 ` Andrew Warner
2008-07-22 11:13 ` KaiGai Kohei
2008-07-22 11:34 ` Andy Warner
2008-07-22 2:01 ` Stephen Smalley
2008-07-22 11:58 ` Andy Warner
2008-07-22 12:32 ` Stephen Smalley
2008-07-22 14:30 ` Andy Warner
2008-07-22 15:08 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48851770.5020002@rubix.com \
--to=warner@rubix.com \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.