Re: Out of tree module using LSM

On Thu, 2007-11-29 at 11:19 -0700, Justin Banks wrote:
> Ray Lee wrote
> > On Nov 29, 2007 9:45 AM, Greg KH <[email protected]> wrote:
> > > > Perhaps if you looked at this outside of a file-server scenario, the
> > > > problem would be clearer? Anti-malware companies want to check
> > > > anything written to disk on a system, either at write time or blocking
> > > > the open/mmap. That means proactively protecting email programs with
> > > > known vulnerabilities that have yet to be patched, web browsers
> > > > writing and reading their caches, an Apache instance running WebDAV,
> > > > the list goes on. And these are on desktop systems, with no attached
> > > > file/network server.
> > >
> > > Ok, if they want to check on every open/mmap then just hook in glibc to
> > > do this.  Especially as they want to run userspace code at this point in
> > > time.
> > 
> > Doesn't help statically linked binaries, or anything else that bypases glibc.
> 
> Or NFS servers for that matter, either.

Right. I threw all of these examples out there and was given the
impression that a one-size fits all "solution" is needed. And to be
honest, I can understand that desire.

I don't want to fall into any "snake oil" traps, because I know the
reality is that there are holes in any solution. The only way
to /really/ be sure of file integrity is to mark every user-visible
pagecache page read only, trap on every single write, and re-scan the
entirety of the file at that point. And even more silliness.

A compromise is therefore called for. I will go shut up and go talk to
these guys and see if I can hook up a public discussion around a set of
requirements. Preferably some code too, but at least a requirements doc.

Thanks,

Jon.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

References:
- Re: Out of tree module using LSM
  - From: Greg KH <[email protected]>
- Re: Out of tree module using LSM
  - From: Jan Engelhardt <[email protected]>
- Re: Out of tree module using LSM
  - From: Greg KH <[email protected]>
- Re: Out of tree module using LSM
  - From: Jon Masters <[email protected]>
- Re: Out of tree module using LSM
  - From: Greg KH <[email protected]>
- Re: Out of tree module using LSM
  - From: Jan Engelhardt <[email protected]>
- Re: Out of tree module using LSM
  - From: Greg KH <[email protected]>
- Re: Out of tree module using LSM
  - From: "Ray Lee" <[email protected]>
- Re: Out of tree module using LSM
  - From: Greg KH <[email protected]>
- Re: Out of tree module using LSM
  - From: "Ray Lee" <[email protected]>
- Re: Out of tree module using LSM
  - From: Justin Banks <[email protected]>

Prev by Date: Re: [PATCH] kobject: make sure kobj->ktype is set before kobject_init
Next by Date: Re: Out of tree module using LSM
Previous by thread: Re: Out of tree module using LSM
Next by thread: Re: Out of tree module using LSM
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]