From: Casey Schaufler <casey@schaufler-ca.com>
To: Daniel Cashman <dcashman@android.com>, paul@paul-moore.com
Cc: selinux@tycho.nsa.gov, sds@tycho.nsa.gov, eparis@parisplace.org,
	james.l.morris@oracle.com, serge@hallyn.com,
	linux-security-module@vger.kernel.org, jeffv@google.com,
	nnk@google.com, arve@google.com,
	Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: Exposing secid to secctx mapping to user-space
Date: Fri, 11 Dec 2015 12:36:03 -0800
Message-ID: <566B33B3.3040901@schaufler-ca.com>
In-Reply-To: <566B17FB.6010405@android.com>

On 12/11/2015 10:37 AM, Daniel Cashman wrote:
> Hello,
>
> I would like to write a patch that would expose, via selinuxfs, the
> mapping between secids in the kernel and security contexts to
> user-space, but before doing so wanted to get some feedback as to
> whether or not such an endeavor could have any support upstream.

Please abandon this.

> The
> direct motivation for this is the desire to communicate calling security
> ids/contexts over binder IPC on android for use in a user-space object
> manager.  Passing the security ids themselves would be simpler and more
> efficient in the critical kernel path, but they currently have no
> user-space meaning.

The security module infrastructure makes no guarantees about
secids. A security module is not required to maintain a persistent
relationship between the secid and a particular secctx. SELinux
does maintain a persistent relationship, but I don't believe that
there is any desire to commit to everything associated with exposing
that.

Binder ought to have access to more than the secid of the processes
and objects involved. Look into the possibilities there before you
take this approach.

>
> Thank You,
> Dan
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>
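The thread's point is that a secid is a kernel-internal handle with no stable user-space meaning, while a secctx string is the form an LSM hands out across the kernel boundary. The following is an added example, not code from this thread or from the kernel or Android projects, showing the existing way a user-space object manager receives a caller's secctx rather than a secid: the SO_PEERSEC socket option on a connected AF_UNIX socket, followed by parsing the context string into its fields. Assumptions: the numeric fallback 31 for SO_PEERSEC (asm-generic/socket.h) is used only when the Python build does not export the constant; the trusted-type allow-list and the socketpair exchange are constructed for the demo; on a kernel whose LSM does not supply a peer context the lookup returns None rather than a string.

```python
import socket

# SO_PEERSEC returns the connected peer's security context (secctx) as a
# NUL-terminated string, which is the only form that has meaning outside
# the kernel. Assumed numeric value 31 (asm-generic/socket.h) as a fallback
# when this Python build does not export the constant.
SO_PEERSEC = getattr(socket, "SO_PEERSEC", 31)


def peer_security_context(sock):
    """Context string of the peer on a connected AF_UNIX socket, or None
    when the active LSM does not supply one (getsockopt fails)."""
    try:
        raw = sock.getsockopt(socket.SOL_SOCKET, SO_PEERSEC, 256)
    except OSError:
        return None
    ctx = raw.split(b"\0", 1)[0].decode("utf-8", "replace").strip()
    return ctx or None


def parse_context(ctx):
    """Split an SELinux context string into its fields.

    Accepts Android-style "u:r:untrusted_app:s0:c512,c768" and
    distribution-style "system_u:system_r:httpd_t:s0-s0:c0.c1023"; the
    level (fourth field onwards) is optional and may itself contain ':'.
    Raises ValueError for anything that is not at least user:role:type.
    """
    parts = ctx.split(":", 3)
    if len(parts) < 3 or not all(parts[:3]):
        raise ValueError("malformed security context: %r" % ctx)
    user, role, type_ = parts[:3]
    level = parts[3] if len(parts) == 4 else None
    return {"user": user, "role": role, "type": type_, "level": level}


def classify_caller(ctx, trusted_types):
    """Object-manager side decision keyed on the context string's type
    field; trusted_types is a constructed allow-list for the demo."""
    fields = parse_context(ctx)
    return "trusted" if fields["type"] in trusted_types else "untrusted"


def demo():
    """Create a connected socketpair (constructed stand-in for an IPC
    channel) and read the peer's secctx from the other end."""
    a, b = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        return peer_security_context(b)
    finally:
        a.close()
        b.close()


if __name__ == "__main__":
    print("peer context:", demo())
    print(parse_context("u:r:untrusted_app:s0:c512,c768"))
```

The decision logic never sees a secid: everything the object manager keys on comes from the string the kernel already exports, so it stays correct regardless of how the running LSM allocates or recycles secids.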
