Re: [PATCH] Extended Attributes for Security Modules against 2.5.68

From: Stephen Smalley (sds@epoch.ncsc.mil)
Date: Thu Apr 24 2003 - 07:55:46 EST


On Wed, 2003-04-23 at 16:20, Christoph Hellwig wrote:
> That doesn't matter at all for this question - if you have a selinux_label
> attribute you can add your different policies with string labels to
> it. But don't mix it up with others.

Ok, so you still favor using a distinct attribute name for SELinux
attributes. Andreas Gruenbacher had suggested during the earlier thread
that we use something like the xattr_trusted.c attribute handler, so
that a single xattr handler would cover all security modules but each
security module could have its own attribute name (security.selinux,
security.dte, security.capabilities, etc). As I explained during that
thread, I don't think we want to use the trusted attribute handler
itself due to its permission checking model, but it would be easy to
make the xattr_security.c handler more like xattr_trusted.c in terms of
allowing arbitrary extensions of a "security." prefix. Is that more to
your liking, or do you truly want a separate handler for each security
module? I see the latter as undesirable as it requires each security
module to separately reserve a name and an index in each filesystem.

-- 
Stephen Smalley <sds@epoch.ncsc.mil>
National Security Agency

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Wed Apr 30 2003 - 22:00:13 EST