Re: [RFC][PATCH 0/7] File descriptor labeling

From: Eric Paris
Date: Thu Apr 28 2011 - 13:56:11 EST

Next message: Valdis . Kletnieks: "Re: [PATCH v3.1] kbuild: implement several W= levels"
Previous message: Anders Kaseorg: "[PATCH] jump label: Fix jump_label_text_reserved"
In reply to: Casey Schaufler: "Re: [RFC][PATCH 0/7] File descriptor labeling"
Next in thread: Roberto Sassu: "Re: [RFC][PATCH 0/7] File descriptor labeling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 28, 2011 at 1:37 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
> On 4/28/2011 5:35 AM, Roberto Sassu wrote:
>> On Thursday, April 28, 2011 01:27:19 AM Tyler Hicks wrote:
>>> On Wed Apr 27, 2011 at 01:19:55PM -0700, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
>>>> On 4/27/2011 5:34 AM, Roberto Sassu wrote:

> On this point I most strongly disagree.

Casey, I'm glad you're trying to figure out what's going on here
because I certainly don't understand all the problems!

If there were some mechanism by which the 'lower' inode could be ONLY
accessibly by ecyptfs kernel internals it oculd be marked IS_PRIVATE
and skip all security checks on it. Then you only have SELinux
security checks on the upper inode. Which seems to make sense. My
problem is that this is ONLY acceptable if there is no way for
userspace to directly reference the lower struct inode.

Just a thought.

-Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Valdis . Kletnieks: "Re: [PATCH v3.1] kbuild: implement several W= levels"
Previous message: Anders Kaseorg: "[PATCH] jump label: Fix jump_label_text_reserved"
In reply to: Casey Schaufler: "Re: [RFC][PATCH 0/7] File descriptor labeling"
Next in thread: Roberto Sassu: "Re: [RFC][PATCH 0/7] File descriptor labeling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]