Re: AppArmor FAQ - James Morris

linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: James Morris <jmorris@namei.org>
To: Andi Kleen <andi@firstfloor.org>
Cc: Karl MacMillan <kmacmill@redhat.com>,
	David Safford <safford@watson.ibm.com>,
	John Johansen <jjohansen@suse.de>,
	linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-fsdevel@vger.kernel.org
Subject: Re: AppArmor FAQ
Date: Tue, 17 Apr 2007 13:47:39 -0400 (EDT)	[thread overview]
Message-ID: <Line.LNX.4.64.0704171323090.19432@d.namei> (raw)
In-Reply-To: <p73abx66fme.fsf@bingen.suse.de>

On Tue, 17 Apr 2007, Andi Kleen wrote:

> You nicely show one of the major disadvantages of the label model vs the path 
> model here: it requires modification of a lot of applications. 

This is incorrect.

Normal applications need zero modification under SELinux.

Some applications which manage security may need to be made SELinux-aware, 
although this can often be done with PAM plugins, which is a standard way 
to do this kind of thing in modern Unix & Linux OSs.

In any case, it has never been unusual for security-critical Unix/Linux 
apps to be aware of extra security frameworks, and conditionally utilize 
things like kerberos, tcpwrappers, SSL, skey etc.

Also, there's nothing inherent in pathname labeling vs. object labeling 
which makes one model require modification of applications more than the 
other.  You're taking one implementation of each and extrapolating to the 
general case, without even taking into consideration that the 
modifications only refer to security-management functions.

Also, in terms of implementation, these security schemes are quite 
different in their coverage and features, so it's an apples vs. oranges 
comparison anyway.

Thanks,

- James
-- 
James Morris
<jmorris@namei.org>

next prev parent reply	other threads:[~2007-04-17 17:47 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-04-16 21:33 AppArmor FAQ John Johansen
2007-04-17  0:20 ` James Morris
2007-04-17 15:03   ` David Safford
2007-04-17 16:00     ` Karl MacMillan
2007-04-17 18:05       ` Andi Kleen
2007-04-17 17:47         ` James Morris [this message]
2007-04-17 18:10           ` Andi Kleen
2007-04-17 20:19             ` Casey Schaufler
2007-04-17 20:50               ` James Morris
2007-04-17 21:16               ` Andi Kleen
2007-04-17 21:41                 ` Karl MacMillan
2007-04-17 22:12                   ` Andi Kleen
2007-04-17 22:29                     ` Karl MacMillan
2007-04-17 21:58                 ` Alan Cox
2007-04-18 13:45                   ` James Morris
2007-04-18 14:33                     ` Shaya Potter
2007-04-18 19:41                     ` Crispin Cowan
2007-04-18 20:03                       ` Shaya Potter
2007-04-18 21:14                       ` James Morris
2007-04-19 17:14                       ` Stephen Smalley
2007-06-09 21:01                       ` Pavel Machek
2007-06-09 21:28                         ` david
2007-06-09 23:02                           ` Pavel Machek
2007-06-10  0:06                             ` david
2007-04-18 20:15                     ` David Lang
2007-04-19 17:27                       ` Stephen Smalley
2007-04-17 21:48               ` Karl MacMillan
2007-04-17 23:12                 ` Casey Schaufler
2007-04-17 22:26             ` Karl MacMillan
2007-04-19 17:46         ` Stephen Smalley
2007-04-20 18:45           ` David Lang
2007-04-20 19:23             ` Karl MacMillan
2007-04-17 23:09     ` Crispin Cowan
2007-04-17 23:20       ` Karl MacMillan
2007-04-19 17:56       ` Stephen Smalley
2007-04-17 21:55   ` Karl MacMillan
2007-04-17 22:55     ` Crispin Cowan
2007-04-17 23:13       ` Karl MacMillan
2007-06-09 14:11       ` Pavel Machek
2007-04-18  7:21     ` Rob Meijer
2007-04-18  7:08       ` David Lang
2007-04-18 13:33         ` James Morris
2007-04-18 12:15       ` Joshua Brindle
2007-04-18 13:31         ` Casey Schaufler
2007-04-18 14:05         ` Rob Meijer

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Line.LNX.4.64.0704171323090.19432@d.namei \
    --to=jmorris@namei.org \
    --cc=andi@firstfloor.org \
    --cc=jjohansen@suse.de \
    --cc=kmacmill@redhat.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=safford@watson.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).