login
Login
/
Register
Search
Search this site:
Forums
News
Blogs
Features
Site
Home
»
Mailing list archives
»
linux-kernel
»
2007
»
October
»
6
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel
view
thread
Previous message: [
thread
] [
date
] [
author
]
Next message: [
thread
] [
date
] [
author
]
[view in full thread]
From: Bill Davidsen
Subject:
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel
Date: Saturday, October 6, 2007 - 12:14 pm
Kyle Moffett wrote:
quoted text
> On Oct 04, 2007, at 21:44:02, Eric W. Biederman wrote: >> What we want from the LSM is the ability to say -EPERM when we can >> clearly articulate that we want to disallow something. > > This sort of depends on perspective; typically with security > infrastructure you actually want "... the ability to return success when > we can clearly articulate that we want to *ALLOW* something". File > permissions work this way; we don't have a list of forbidden users > attached to each file, we have an owner, a group, and a mode > representing positive permissions. With that said in certain high-risk > environments you need something even stronger that cannot be changed by > the "owner" of the file, if we don't entirely trust them, >
Other than ACLs, of course, which do allow blacklisting individual users. -- Bill Davidsen <davidsen@tmr.com> "We have more to fear from the bungling of the incompetent than from the machinations of the wicked." - from Slashdot -
unsubscribe notice
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to
majordomo@vger.kernel.org
More majordomo info at
http://vger.kernel.org/majordomo-info.html
Please read the FAQ at
http://www.tux.org/lkml/
Previous message: [
thread
] [
date
] [
author
]
Next message: [
thread
] [
date
] [
author
]
Messages in current thread:
[PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory ...
, Casey Schaufler
, (Sat Sep 29, 5:20 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Andrew Morton
, (Sun Sep 30, 1:16 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Andi Kleen
, (Sun Sep 30, 1:42 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Christoph Hellwig
, (Sun Sep 30, 2:53 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Sun Sep 30, 10:02 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Sun Sep 30, 10:14 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Sun Sep 30, 10:19 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Joshua Brindle
, (Sun Sep 30, 10:29 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Andi Kleen
, (Sun Sep 30, 10:34 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Andi Kleen
, (Sun Sep 30, 10:39 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Theodore Tso
, (Sun Sep 30, 12:07 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Andi Kleen
, (Sun Sep 30, 1:05 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Paul Moore
, (Sun Sep 30, 1:18 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Theodore Tso
, (Sun Sep 30, 1:22 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Paul Moore
, (Sun Sep 30, 1:30 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, david
, (Sun Sep 30, 4:24 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Serge E. Hallyn
, (Sun Sep 30, 8:47 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Sun Sep 30, 9:15 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, James Morris
, (Mon Oct 1, 4:33 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Mon Oct 1, 8:07 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 1, 8:38 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Stephen Smalley
, (Mon Oct 1, 8:40 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Mon Oct 1, 9:04 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 1, 9:39 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Olivier Galibert
, (Mon Oct 1, 10:54 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Theodore Tso
, (Mon Oct 1, 12:00 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 1, 1:28 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Jan Engelhardt
, (Mon Oct 1, 1:49 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Thomas Bleher
, (Tue Oct 2, 1:36 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Bill Davidsen
, (Tue Oct 2, 2:02 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Tue Oct 2, 2:20 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Tue Oct 2, 4:25 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Alan Cox
, (Tue Oct 2, 5:10 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Alan Cox
, (Tue Oct 2, 5:12 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Tue Oct 2, 5:18 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Bill Davidsen
, (Tue Oct 2, 8:54 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Linus Torvalds
, (Tue Oct 2, 9:52 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Crispin Cowan
, (Tue Oct 2, 10:32 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Derek Fawcus
, (Thu Oct 4, 3:56 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Chuck Ebbert
, (Thu Oct 4, 4:18 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Derek Fawcus
, (Thu Oct 4, 4:44 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Thu Oct 4, 6:44 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Kyle Moffett
, (Thu Oct 4, 8:04 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Thu Oct 4, 9:45 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Kyle Moffett
, (Thu Oct 4, 10:48 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Fri Oct 5, 9:27 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Stephen Smalley
, (Fri Oct 5, 11:42 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Fri Oct 5, 1:08 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Fri Oct 5, 1:11 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Bill Davidsen
, (Sat Oct 6, 12:14 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Serge E. Hallyn
, (Mon Oct 8, 9:06 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Serge E. Hallyn
, (Mon Oct 8, 9:18 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 10:20 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 8, 10:31 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 8, 10:50 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Serge E. Hallyn
, (Mon Oct 8, 11:00 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 11:47 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Serge E. Hallyn
, (Mon Oct 8, 11:53 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 12:29 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 12:50 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 8, 1:25 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 8, 1:39 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 1:57 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Mon Oct 8, 2:02 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Mon Oct 8, 2:05 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Alan Cox
, (Mon Oct 8, 2:20 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Crispin Cowan
, (Mon Oct 8, 2:51 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Bill Davidsen
, (Mon Oct 8, 4:24 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Stephen Smalley
, (Tue Oct 9, 6:52 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Tue Oct 9, 9:02 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Eric W. Biederman
, (Wed Oct 10, 6:48 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Stephen Smalley
, (Wed Oct 10, 8:45 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Wed Oct 10, 10:57 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Kyle Moffett
, (Thu Oct 11, 3:46 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Thu Oct 11, 8:41 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Kyle Moffett
, (Thu Oct 11, 11:53 am)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Alan Cox
, (Thu Oct 11, 1:09 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Kazuki Omo(Company)
, (Mon Oct 29, 9:01 pm)
Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Manda ...
, Casey Schaufler
, (Tue Oct 30, 8:07 am)
Navigation
Mailing list archives
Recent posts
Popular discussions
linux-kernel
:
Christoph Lameter
[PATCH 1/2] Make page->private usable in compound pages V1
Luben Tuikov
Re: Integration of SCST in the mainstream Linux kernel
Alexey Dobriyan
Re: [2.6.22.2 review 09/84] Fix rfkill IRQ flags.
Michal Nazarewicz
Re: [PATCH] USB: Gadget: g_multi: added INF file for gadget with multiple configur...
Jesse Barnes
Re: PCI probing changes
git
:
Jakub Narebski
Re: GSoC 2008 - Mentors Wanted!
Jan Harkes
Re: git-svn and huge data and modifying the git-svn-HEAD branch directly
Andy Parkins
git-fetch fails with error code 128
Marcus Griep
Re: [PATCH 1/3] Git.pm: Add faculties to allow temp files to be cached
Junio C Hamano
Re: [JGIT PATCH 2/2] Decrease the fetch pack client buffer to the lower minimum
git-commits-head
:
Linux Kernel Mailing List
ARM: 5970/1: nomadik-gpio: fix spinlock usage
Linux Kernel Mailing List
sh-sci: update receive error handling for muxed irqs
Linux Kernel Mailing List
No need to do lock_super() for exclusion in generic_shutdown_super()
Linux Kernel Mailing List
x86, msr: Export the register-setting MSR functions via /dev/*/msr
Linux Kernel Mailing List
Input: gpio-keys - add support for disabling gpios through sysfs
linux-netdev
:
Eric Dumazet
[PATCH] net: ALIGN/PTR_ALIGN cleanup in alloc_netdev_mq()/netdev_priv()
Patrick McHardy
[NET_SCHED]: sch_ingress: remove netfilter support
Rose, Gregory V
RE: __bad_udelay in network driver breaks build
Patrick McHardy
Re: no reassembly for outgoing packets on RAW socket
Frans Pop
svc: failed to register lockdv1 RPC service (errno 97).
openbsd-misc
:
ropers
Re: Real men don't attack straw men
elitdostlar
Seks partneri arayan bayanlar bu adreste - 8878xs706x6438
Marcus Andree
Re: This is what Linus Torvalds calls openBSD crowd
Lars D. Noodén
Re: sshd.config and AllowUsers
Henning Brauer
Re: Sun Blade 1000?
Colocation donated by:
Syndicate
