From: Casey Schaufler <casey@schaufler-ca.com>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>,
Linux Containers <containers@lists.osdl.org>,
linux-security-module@vger.kernel.org,
SELinux <selinux@tycho.nsa.gov>,
Alexey Dobriyan <adobriyan@gmail.com>,
Andrew Morgan <morgan@kernel.org>
Subject: Re: [PATCH 1/1] cr: lsm: restore LSM contexts for ipc objects
Date: Mon, 22 Jun 2009 20:10:33 -0700 [thread overview]
Message-ID: <4A4047A9.8020202@schaufler-ca.com> (raw)
In-Reply-To: <1245695023.12493.7.camel@localhost.localdomain>
Stephen Smalley wrote:
> On Mon, 2009-06-22 at 12:50 -0500, Serge E. Hallyn wrote:
>
>> Quoting Stephen Smalley (sds@epoch.ncsc.mil):
>>
>>> Not sure you need to cache them in the cr layer (vs. just using the
>>> mapping functions provided by the LSM hook interface, and letting the
>>> security module handle caching internally).
>>>
>> Do I understand correctly that secids are supposed to be consistent
>> across machines and reboots, but not across policy versions?
>>
>
> No, secids are temporal - they are dynamically allocated at runtime like
> file descriptors. You should only store security contexts in the
> images.
>
Like he said. Smack would be happier if secid's went away, but
there's too much left over from the era when SELinux was the only
LSM for that to happen without crying and gnashing of teeth. A
secid is good only for the current invocation of the current
instance of the kernel.
WARNING: multiple messages have this Message-ID (diff)
From: Casey Schaufler <casey@schaufler-ca.com>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>,
Linux Containers <containers@lists.osdl.org>,
linux-security-module@vger.kernel.org,
SELinux <selinux@tycho.nsa.gov>,
Alexey Dobriyan <adobriyan@gmail.com>,
Andrew Morgan <morgan@kernel.org>
Subject: Re: [PATCH 1/1] cr: lsm: restore LSM contexts for ipc objects
Date: Mon, 22 Jun 2009 20:10:33 -0700 [thread overview]
Message-ID: <4A4047A9.8020202@schaufler-ca.com> (raw)
In-Reply-To: <1245695023.12493.7.camel@localhost.localdomain>
Stephen Smalley wrote:
> On Mon, 2009-06-22 at 12:50 -0500, Serge E. Hallyn wrote:
>
>> Quoting Stephen Smalley (sds@epoch.ncsc.mil):
>>
>>> Not sure you need to cache them in the cr layer (vs. just using the
>>> mapping functions provided by the LSM hook interface, and letting the
>>> security module handle caching internally).
>>>
>> Do I understand correctly that secids are supposed to be consistent
>> across machines and reboots, but not across policy versions?
>>
>
> No, secids are temporal - they are dynamically allocated at runtime like
> file descriptors. You should only store security contexts in the
> images.
>
Like he said. Smack would be happier if secid's went away, but
there's too much left over from the era when SELinux was the only
LSM for that to happen without crying and gnashing of teeth. A
secid is good only for the current invocation of the current
instance of the kernel.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2009-06-23 3:10 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-06-20 1:32 [PATCH 1/1] cr: lsm: restore LSM contexts for ipc objects Serge E. Hallyn
2009-06-20 1:32 ` Serge E. Hallyn
2009-06-22 5:37 ` James Morris
2009-06-22 5:37 ` James Morris
2009-06-22 16:25 ` Serge E. Hallyn
2009-06-22 16:25 ` Serge E. Hallyn
[not found] ` <20090620013216.GA4435-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-06-22 14:47 ` Stephen Smalley
2009-06-22 14:47 ` Stephen Smalley
2009-06-22 17:50 ` Serge E. Hallyn
2009-06-22 17:50 ` Serge E. Hallyn
2009-06-22 18:23 ` Stephen Smalley
2009-06-22 18:23 ` Stephen Smalley
2009-06-23 3:10 ` Casey Schaufler [this message]
2009-06-23 3:10 ` Casey Schaufler
2009-06-23 17:55 ` Stephen Smalley
2009-06-23 17:55 ` Stephen Smalley
2009-06-23 18:18 ` Serge E. Hallyn
2009-06-23 18:18 ` Serge E. Hallyn
2009-06-23 19:57 ` Serge E. Hallyn
2009-06-23 19:57 ` Serge E. Hallyn
2009-06-24 13:10 ` Stephen Smalley
2009-06-24 13:10 ` Stephen Smalley
2009-06-24 22:07 ` Serge E. Hallyn
2009-06-24 22:07 ` Serge E. Hallyn
2009-06-25 12:34 ` Stephen Smalley
2009-06-25 12:34 ` Stephen Smalley
2009-06-25 12:59 ` Serge E. Hallyn
2009-06-25 12:59 ` Serge E. Hallyn
2009-06-25 14:06 ` Stephen Smalley
2009-06-25 14:06 ` Stephen Smalley
2009-06-25 4:21 ` Oren Laadan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4A4047A9.8020202@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=adobriyan@gmail.com \
--cc=containers@lists.osdl.org \
--cc=linux-security-module@vger.kernel.org \
--cc=morgan@kernel.org \
--cc=sds@epoch.ncsc.mil \
--cc=selinux@tycho.nsa.gov \
--cc=serue@us.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.