Re: [PATCH] Protection for exploiting null dereference using mmap
From: Stephen Smalley
Date: Wed Jun 06 2007 - 08:13:20 EST
On Tue, 2007-06-05 at 15:53 -0700, Chris Wright wrote:
> * Eric Paris (eparis@xxxxxxxxxx) wrote:
> > One result of using the dummy hook for non-selinux kernels means that I
> > can't leave the generic module stacking code in the SELinux check. If
> > the secondary ops are called they will always deny the operation just
> > like in non-selinux systems even if SELinux policy would have allowed
> > the action. This patch may be the first step to removing the arbitrary
> > LSM module stacking code from SELinux. I think history has shown the
> > arbitrary module stacking is not a good idea and eventually I want to
> > pull out all the secondary calls which aren't used by the capability
> > module, so I view this as just the first step along those lines.
>
> Or replace them all with direct library calls to the capability code.
The only tricky part there is retaining the support for falling back on
capabilities upon runtime disable of selinux by /sbin/init.
--
Stephen Smalley
National Security Agency
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/