Re: about the multiple security module in LSM

> 
> On a per-hook basis, I suppose you could
> # modprobe stacker
> # echo "default a or b or c" > /sys/security/stacker/compose
> # echo "inode_permission (a and b) or c" > /sys/security/stacker/compose
> # ...
> # modprobe digsig_verif
> # modprobe bsdjail
> # modprobe seclvl
> 

yes. But I want to put this metapolicy in a concentrated configure file. Then 
we can 
write our this rule, such as "(a and b) or c", in a file. When boot up, kernel 
will read 
it . As you said ,  I will implement it using sysfs filesystem.

> 
> I usually think of LSM as implementing MAC and not DAC, but I guess there's
> nothing stopping you :)  What do you want in additional DAC, mainly to build
> your own ACL's?

Yes. The DAC is implemented by ACL.

> 
> I'll be interested to see your results.  Are you implementing your own MAC and
> RBAC systems, or starting with, say, SELinux?

Ok, when the framework comes out, I will put it to maillist. We accomplished 
our 
own MAC system.

> 
> Use of a pseudofs or a sysfs interface is strongly recommended.  Reading
> a file from the kernel is very strongly frowned upon.  As an example of the
> pseudofs approach, look to linux/security/selinux/selinuxfs.c:sel_write_load
> and linux/security/selinux/ss/services.c:security_load_policy.  For DTE, I
> use a sysfs file and cat the policy into that file line by line.

Thanx.
                             
     Yuan Chunyang