From: "Serge E. Hallyn" <serue@us.ibm.com>
To: Eric Paris <eparis@redhat.com>
Cc: linux-kernel@vger.kernel.org, selinux@tycho.nsa.gov,
netdev@vger.kernel.org, linux-security-module@vger.kernel.org,
sds@tycho.nsa.gov, davem@davemloft.net,
shemminger@linux-foundation.org, kees@ubuntu.com,
morgan@kernel.org, casey@schaufler-ca.com, dwalsh@redhat.com
Subject: Re: [PATCH 2/3] security: introducing security_request_module
Date: Thu, 13 Aug 2009 09:03:06 -0500 [thread overview]
Message-ID: <20090813140306.GC30731@us.ibm.com> (raw)
In-Reply-To: <20090813134457.29186.7182.stgit@paris.rdu.redhat.com>
Quoting Eric Paris (eparis@redhat.com):
> Calling request_module() will trigger a userspace upcall which will load a
> new module into the kernel. This can be a dangerous event if the process
> able to trigger request_module() is able to control either the modprobe
> binary or the module binary. This patch adds a new security hook to
> request_module() which can be used by an LSM to control a processes ability
> to call request_module().
Is there a specific case in which you'd want to deny this ability
from a real task?
-serge
next prev parent reply other threads:[~2009-08-13 14:11 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-13 13:44 [PATCH 1/3] Networking: use CAP_NET_ADMIN when deciding to call request_module Eric Paris
2009-08-13 13:44 ` [PATCH 2/3] security: introducing security_request_module Eric Paris
2009-08-13 14:03 ` Serge E. Hallyn [this message]
2009-08-13 15:28 ` Eric Paris
2009-08-13 17:54 ` Serge E. Hallyn
2009-08-13 18:19 ` Eric Paris
2009-08-13 18:31 ` Serge E. Hallyn
2009-08-13 18:40 ` Serge E. Hallyn
2009-08-13 13:45 ` [PATCH 3/3] SELinux: add selinux_kernel_module_request Eric Paris
2009-08-13 18:43 ` Serge E. Hallyn
2009-08-13 14:01 ` [PATCH 1/3] Networking: use CAP_NET_ADMIN when deciding to call request_module Serge E. Hallyn
2009-08-13 18:45 ` Paul Moore
2009-08-13 22:55 ` James Morris
2009-08-13 23:14 ` David Miller
2009-08-14 1:56 ` James Morris
[not found] <20090813033537.27287.18981.stgit@paris.rdu.redhat.com>
[not found] ` <20090813033543.27287.95970.stgit@paris.rdu.redhat.com>
2009-08-13 17:17 ` [PATCH 2/3] security: introducing security_request_module Daniel J Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090813140306.GC30731@us.ibm.com \
--to=serue@us.ibm.com \
--cc=casey@schaufler-ca.com \
--cc=davem@davemloft.net \
--cc=dwalsh@redhat.com \
--cc=eparis@redhat.com \
--cc=kees@ubuntu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=morgan@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=shemminger@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).