On Fri, 2006-10-27 at 16:42 +0100, David Howells wrote:
> Stephen Smalley <[email protected]> wrote:
>
> > We might want more information passed into the hook, like the cache
> > directory itself,
>
> I can do that. I have the cache directory path and the cache tag name both
> available as strings.
>
> > int security_cache_set_context(struct vfsmount *mnt, struct dentry *dentry, u32 secid)
> > {
>
> Where are you envisioning this going? In SELinux, in the LSM core or in
> cachefiles?
Sorry, that should have been named selinux_cache_set_context(), a
SELinux-specific implementation of a security_cache_set_context() LSM
hook. The hook would be called after the cache directory pathname has
been looked up by your module, yielding a (mnt, dentry) pair and after
the security context string has been mapped to a secid.
> I was also wondering if I could generalise it to handle all cache
> types, but the permissions checks are probably going to be quite different for
> each type. For instance, CacheFiles uses files on a mounted fs, whilst CacheFS
> uses a block device.
So in the latter case, the daemon supplies the path of a block device
node? I suppose the hook could internally check the type of inode to
decide what checks to apply, using the checks I previously sketched when
it is a directory and using a different set of checks for the block
device (substituting a write check against the block device for the
directory-specific checks). The hook interface itself would look the
same IIUC, i.e. providing the (mnt, dentry) pair to which the path
resolved and the secid to which the context resolved.
> Also, with your multiple cache example, how would I bring each cachefilesd
> daemon up in a different context so that it could handle a different cache with
> a different context?
runcon will run a program in a specified context, so if you defined
cachesfilesd_internal_t and aachesfilesd_external_t domains in policy,
you could then do:
runcon -t cachefilesd_internal_t -- /path/to/cachefilesd args...
--
Stephen Smalley
National Security Agency
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]