Re: Preview of changes to the Security susbystem for 2.6.36

[Kees Cook]

On Mon, Aug 02, 2010 at 07:33:26PM +0200, Christian Stroetmann wrote:
> structure of the other LSMs, especially if it becomes large and in
> this way important to be followed by only growing it with
> functionalities taken from other security packages. If you say that
> the way of the Yama LSM is the right way to do it in general, then
> we don't need a new LSM like Yama, but a new LSM architecture.

Well, trying to get these protections into mainline does seem to be
demonstrating a need for some kind of security architecture that isn't LSM.

As for chaining, I was considering introducing basic "first non-zero return
code wins" chain of LSMs, but the chain could include only up to 1 LSM that
implements the proc attr hook (though the prctl handler isn't non-zero but
rather non-ENOSYS).

-Kees

-- 
Kees Cook
Ubuntu Security Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/