|
|
|
Re: [PATCH] LSM hooks for audit: msg#00040linux.kernel.lsm
Sorry, I wasn't thinking in my initial response. These operations are exported via netlink, which is async, right? Hence, permission checks based on current, including the existing capable() checks, are bogus; you would be checking in the receiving context, not necessarily the sending context. Sending context is not conveyed at present via netlink_skb_parms (no security field) other than uid and capability set. You can performs check upon netlink_send; see what SELinux does there. SELinux policy already governs ability to create and use netlink_audit_sockets and maps the netlink operations to read or write flows, but doesn't offer any finer granularity than that. -- Stephen Smalley <sds@xxxxxxxxxxxxxx> National Security Agency |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: [PATCH] LSM hooks for audit: 00040, Serge Hallyn |
|---|---|
| Next by Date: | Re: [PATCH] LSM hooks for audit: 00040, Serge E. Hallyn |
| Previous by Thread: | Re: [PATCH] LSM hooks for auditi: 00040, Serge Hallyn |
| Next by Thread: | Re: [PATCH] LSM hooks for audit: 00040, Serge E. Hallyn |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
|
|
| News | FAQ | advertise |