From: Eric Paris <eparis@redhat.com>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: linux-kernel@vger.kernel.org, dwalsh@redhat.com,
dmalcolm@redhat.com, sds@tycho.nsa.gov, segoon@openwall.com,
linux-security-module@vger.kernel.org
Subject: Re: Friendlier EPERM - Request for input
Date: Thu, 10 Jan 2013 11:34:39 -0500 [thread overview]
Message-ID: <1357835679.1342.45.camel@localhost> (raw)
In-Reply-To: <201301110014.CDB90164.MFtFHVSQOFOJLO@I-love.SAKURA.ne.jp>
On Fri, 2013-01-11 at 00:14 +0900, Tetsuo Handa wrote:
> The reason I think is that people turn off LSMs because they are using LSMs
> without understanding "what the current configuration is" and/or "how to change
> configuration". People do not spend (or cannot afford spending) resources for
> understanding LSM's configuration.
This is not the point I am arguing. This is not about LSMs, how hard
they are to configure, or how to 'fix' them. It certainly isn't about
how one LSM is better, easier, or superior to another. This is about
getting more information in userspace when operations fail. I'll quote
an off list e-mail I received:
Friendlier/more complete error messages would eliminate an awful lot of
digging around trying to figure *what* the problem is, preparatory to
discerning *where* the problem is and *how* to fix it.
There are so many things that might go into fixing problems in an LSM.
That's what you are talking about, but it isn't relevant here. This is
about knowing WHAT the problem is, maybe helping with where and how.
And this isn't just about LSM. Heck, LSMs are just a small part of it.
I want extended errno interface to talk about DAC, capabilities, ACLs,
LSMs, everything!
> > The audit log is complete crap from a usability PoV. If a web admin is
>
> TOMOYO's audit log is very useful. TOMOYO is a security tool but is also useful
> for education/training/debugging/development/profiling etc.
The TOMOYO audit log is a very poor fit for this as well. I'm not
trying to be rude, but there is no reasonable way for applications to
use it, it is TOMOYO specific, and it doesn't cover non-LSM errors. I
want applications like httpd to be able to put what went wrong in its
log message. I want python to be able to get extended information and
present that up the stack. Nothing we have today comes close. My
proposal isn't perfect, it suffers from the same problems as errno
(except even worse because it is harder to save and restore), but at
least it will usually be helpful...
-Eric
next prev parent reply other threads:[~2013-01-10 16:35 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-09 16:04 Friendlier EPERM - Request for input Eric Paris
2013-01-09 19:43 ` Eric Paris
2013-01-09 20:14 ` Casey Schaufler
2013-01-09 20:32 ` Eric Paris
2013-01-09 20:53 ` Casey Schaufler
2013-01-09 20:59 ` Jakub Jelinek
2013-01-09 21:09 ` Eric Paris
2013-01-09 22:17 ` Carlos O'Donell
2013-01-21 0:00 ` Eric W. Biederman
2013-01-21 0:59 ` Eric W. Biederman
2013-01-21 1:09 ` Mike Frysinger
2013-01-09 21:12 ` Casey Schaufler
2013-01-09 21:13 ` Eric Paris
2013-01-09 21:36 ` Casey Schaufler
2013-01-10 15:14 ` Tetsuo Handa
2013-01-10 16:34 ` Eric Paris [this message]
2013-01-11 13:00 ` Mimi Zohar
2013-01-12 5:08 ` Tetsuo Handa
2013-01-27 14:16 ` Rich Kulawiec
2013-01-12 7:23 ` Rob Landley
2013-01-12 20:27 ` Dr. David Alan Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1357835679.1342.45.camel@localhost \
--to=eparis@redhat.com \
--cc=dmalcolm@redhat.com \
--cc=dwalsh@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
--cc=sds@tycho.nsa.gov \
--cc=segoon@openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox