On Thu, 6 Oct 2005, David Howells wrote:
> > For example, sys_add_key() calls it with KEY_WRITE against the destination
> > keyring.
>
> Yes, but not in regard to the new key, which is what I thought you were
> implying.
>
> Besides, it's logically two operations: create key and link key to
> keyring. The reason they have to be combined is that the key would be
> immediately destroyed if it wasn't attached to a keyring.
I had assumed that you didn't want a permission check just for creating a
key (which is a fairly abstract and inert thing if you don't do anything
with it), and were only wanting to peform a check when linking.
> The permissions check done on the keyring merely assures that the keyring can
> be modified, not that a new key may or may not actually be created.
Ok, time to add KEY_CREATE?
> > > > I don't think SELinux would care about this yet. If so, the hook can be
> > > > added later.
> > >
> > > Auditing?
> >
> > SELinux does not audit object creation, it will sometimes use a _post hook
> > to update its internal state or perform the access control check for
> > creating the object.
>
> I meant the auditing service. Doesn't that use the security module hooks?
LSM is supposed to be about access control only, although SELinux and
Audit are becoming more intimate as time passes.
[added Steve Grubb to the cc list, who is looking at LSPP audit
requirements]
- James
--
James Morris
<[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]