Re: [RFC] Virtualization steps

Quoting Eric W. Biederman ([email protected]):
> Herbert Poetzl <[email protected]> writes:
> 
> > sorry folks, I don't think that we _ever_ want container
> > root to be able to load any kernel modules at any time
> > without having CAP_SYS_ADMIN or so, in which case the
> > modules can be global as well ... otherwise we end up
> > as a bad Xen imitation with a lot of security issues,
> > where it should be a security enhancement ...
> 
> Agreed.  At least until someone defines a user-mode
> linux-security-module.  We may want a different security module

It's been done before, at least for some hooks (i.e. one implementation by
antivirus folks).  But to actually do this with full support for all
hooks would require some changes.  For example, the security_task_kill()
hook is called under several potential locks.  At least
read_lock(tasklist_lock) and plain rcu_read_lock() (and I thought also
write_lock(tasklist_lock), but can't find that instance right now).

Clearly that can be fixed, but atm a user-mode lsm isn't entirely
possible.

-serge