Two netlink patches
Serge Hallyn
serue at us.ibm.com
Thu Dec 16 19:15:49 UTC 2004
On Thu, 2004-12-16 at 11:03 -0500, Stephen Smalley wrote:
> > By extending the NETLINK_CREDS(skb), I assume you mean adding a void
> > *security? Perhaps that's actually the cleaner way to go, if only
> > because it lets the actual receiving subsystem perform the check, rather
> > than netlink. That's the part I don't like about my patch. While in
> > this case it's just audit, that may change, and soon
> > security_netlink_send becomes a central location for checks for all
> > sorts of protocols...
>
> The problem is that if that security field is dynamically allocated,
> then you have the standard lifecycle management issues, so you need
> other hooks to ensure that it is properly freed. If we had a fixed size
Right, adding those hooks would take a pretty invasive patch, and given
that skb->security was rejected, we can't just hook into skb lifecycle
management.
Perhaps the last patch I sent out (with most code in audit.c, but hooked
into netlink_send security checks) should go to the maintainers you
listed for comments?
I will wait until tomorrow in case anyone feels we should be trying
something different first.
thanks,
-serge
--
Serge Hallyn <serue at us.ibm.com>
More information about the Linux-audit
mailing list