Is there mailist about LSM

Alexander Ivanov amivanov at fastmail.com
Wed May 30 14:13:31 EDT 2018


On Wed, 30 May 2018 14:05 -0400, valdis.kletnieks at vt.edu wrote:
> On Wed, 30 May 2018 10:37:25 -0700, you said:
> 
> > First, theoretical, I suppose: what were the reasons to effectively disable dynamic loading of LSM ?
> 
> Because that implies the system was up without the LSM loaded - at which 
> point
> somebody can have tampered with whatever labelling the LSM uses.  So we
> insist that the LSM be brought online very early during the boot 
> process, to make
> sure that the LSM has a chance to stop any unauthorized relabeling.
> 
Understood. It thus implies, custom kernel build, right?


> > Second, is there a way for two or more LSMs to co-exist? After inspecting
> > security_module_enable() and register_security(), it doesn't seem possible,
> > however yama does attempt to load itself? Am I missing something?
> 
> There's some support for one "large" LSM and a "trivial" one like yama.

What this some support would be then?
Suppose I have stateless LSM, don't really interested in using any objects' blobs.
What would be a proper way to register a hook or two then?

> There's very real and nasty interactions if you try to run (for instance)
> SELinux and AppArmor at the same time. The composition of multiple
> MAC systems is fraught with danger (go back and look at how long it took
> us to get file capabilities to work right...)

thx!



More information about the Kernelnewbies mailing list