Re: Out of tree module using LSM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Alan Cox <[email protected]> wrote on 28/11/2007 19:50:42:

> > So as there is no question the current code does some ugly things it 
is 
> > even more true that we would be even more happy to use an official 
API. 
> > LSM was that and we were happily using it which we won't be able to do 
if 
> > it abruptly goes away. Yes it is not a perfect match but until it is 
> > modified to be better, or until something appropriate is designed and 
> > implemented, it would be very nice if it could stay.
> 
> So for an SELinux based system what you are saying is you want to be 
able
> to stack your module with the SELinux module and after SELinux has
> considered policy rules still be able to veto them on the grounds that
> you are say about to serve a virus to a windows box ?

Basically yes but the effective scenario is a bit wider. Local actions 
like disallowing execution of rootkits, exploits and other similar malware 
are also interesting. Another example would be enforcing a corporate 
policy on which IM clients shouldn't be used so it is not just fileserver 
scenario in which Linux machines can be compromised.

But really I am not the best person to know all current attack vectors. 
Overall set of requirements and ideas is something we are working on with 
other vendors and hopefully with the community. This is one of the two 
main things my original post was about.

--
Tvrtko August Ursulin
Senior Software Engineer, Sophos

"Views and opinions expressed in this email are strictly those of the 
author.
 The contents has not been reviewed or approved by Sophos."

Tel: 01235 559933
Web: www.sophos.com
Protecting business against viruses, spyware, spam and policy abuse


Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon,
OX14 3YP, United Kingdom.

Company Reg No 2096520. VAT Reg No GB 348 3873 20.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux