Re: AppArmor Security Goal

From: Alan Cox
Date: Sat Nov 10 2007 - 18:54:34 EST

Next message: Alan Cox: "Re: AppArmor Security Goal"
Previous message: Dr. David Alan Gilbert: "Re: AppArmor Security Goal"
In reply to: Crispin Cowan: "Re: AppArmor Security Goal"
Next in thread: Dr. David Alan Gilbert: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I submit that the AppArmor model is valid, even if it totally failed all
> of David Gilbert's questions (I think AppArmor can actually provide
> about half of what he asked for).

The model looks valid. I have difficulty constructing many scenarios
where its useful but it appears valid providing you can tightly control
file renaming, which is very very questionable.

There are also some very awkward path based issues around shared file
objects (your controlling tty and TIOCSTI for one) that I need to look at
the code for once the VFS stuff is sorted and its likely to get merged.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: AppArmor Security Goal"
Previous message: Dr. David Alan Gilbert: "Re: AppArmor Security Goal"
In reply to: Crispin Cowan: "Re: AppArmor Security Goal"
Next in thread: Dr. David Alan Gilbert: "Re: AppArmor Security Goal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]