From: Miloslav Trmač
Subject: Re: [PATCH] audit: listen in all network namespaces
Date: Fri, 2 Aug 2013 09:21:24 -0400 (EDT)
Message-ID: <628325801.10736120.1375449684794.JavaMail.root@redhat.com>
In-Reply-To: <1375379837.20145.40.camel@dhcp137-13.rdu.redhat.com>
References: <1374006760-7687-1-git-send-email-rgb@redhat.com> <51E6156D.3040709@cn.fujitsu.com> <20130719211517.GE11242@madcap2.tricolour.ca> <51ECA519.6020906@cn.fujitsu.com> <20130730172214.GI11242@madcap2.tricolour.ca> <1375379837.20145.40.camel@dhcp137-13.rdu.redhat.com>
To: Eric Paris
Cc: Richard Guy Briggs, linux-audit@redhat.com, ebiederm@xmission.com
List-Id: linux-audit@redhat.com

----- Original Message -----
> I still detest the idea of tying the audit namespace to the user
> namespace. My NAK still stands on any such patches.
>
> I'd think that disjoint namespaces (like networking) instead of
> hierarchical namespaces (like user) would be a lot easier to do. My
> thoughts have always been about completely disjoint audit namespaces and
> I may have missed the nuance of some of your discussion because it
> didn't really dawn on me you seem to have always been discussing
> hierarchical audit namespace.
>
> I'm wondering if we want/need both?

Would it be possible to avoid adding more dimensions to the namespace matrix? I appreciate that the flexibility allows a wide range of use cases; however, it also makes reasoning about the security properties extremely difficult.
(If only there were a way to put the genie back in the bottle and have the kernel explicitly recognize something like "virt-like container" or "webhosting-like application isolation" as kernel-space concepts and objects...)

Mirek