From: Vasiliy Kulikov <segoon@openwall.com>
To: Eric Paris <eparis@redhat.com>
Cc: linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org, apparmor@lists.ubuntu.com,
"selinux@tycho.nsa.gov Stephen Smalley" <sds@tycho.nsa.gov>,
James Morris <jmorris@namei.org>,
Eric Paris <eparis@parisplace.org>,
John Johansen <john.johansen@canonical.com>,
kernel-hardening@lists.openwall.com
Subject: [kernel-hardening] Re: [RFC v1] security: introduce ptrace_task_access_check()
Date: Fri, 17 Jun 2011 19:50:58 +0400 [thread overview]
Message-ID: <20110617155058.GB22588@albatros> (raw)
In-Reply-To: <4DFB7605.9000909@redhat.com>
On Fri, Jun 17, 2011 at 11:43 -0400, Eric Paris wrote:
> >Please help me to figure out how such patch should be divided to be
> >applied. I think about such scheme:
> >
> >1) add generic security/* functions.
> >2-4) add ptrace_task_access_check() for SMACK, AppArmor and SELinux.
> >5) change ptrace_access_check() in security ops and all LSMs to
> > ptrace_task_access_check().
> >
> >But I'd like to hear maintainers' oppinions not to put useless efforts.
>
> Not a real review, but I didn't instantly grok the need for the new
> cap functions.
It is needed because of capable(CAP_SYS_PTRACE) and similar inside of
ptrace_may_access() implementations.
> So maybe that's it's own patch with it's own change
> log. After that you should just add the 'parent' task to
> ptrace_access_check() and fix all of the LSMs to handle the new
> semantics at once. No need to rename the function or do a bunch of
> seperate patchs.
I thought it would represent function's semantic changes more strongly.
> All of us LSM authors can just ACK our little part
> and James can take the patch when everyone has their say. I think
> that will make history the cleanest.....
Great! It would be much simple for me too :)
Thanks,
--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments
next prev parent reply other threads:[~2011-06-17 15:50 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-17 15:29 [kernel-hardening] [RFC v1] security: introduce ptrace_task_access_check() Vasiliy Kulikov
2011-06-17 15:34 ` [kernel-hardening] " Vasiliy Kulikov
2011-06-17 15:43 ` Eric Paris
2011-06-17 15:50 ` Vasiliy Kulikov [this message]
2011-06-17 15:58 ` Vasiliy Kulikov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110617155058.GB22588@albatros \
--to=segoon@openwall.com \
--cc=apparmor@lists.ubuntu.com \
--cc=eparis@parisplace.org \
--cc=eparis@redhat.com \
--cc=jmorris@namei.org \
--cc=john.johansen@canonical.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox