Audit, LSM, SELinux, and Smack
Stephen Smalley
sds at tycho.nsa.gov
Thu Jul 26 13:03:51 UTC 2007
On Wed, 2007-07-25 at 13:19 -0700, Casey Schaufler wrote:
> I'm looking at getting audit into my Smack LSM module.
> Stephen Smalley has suggested, and I concur, that this
> may be the time to convert audit from using SELinux
> specific interfaces to LSM based interfaces.
>
> Before I start blasting away with patches, I want to
> check and see if anyone else is looking into this.
> There's a good chunk of work to be done for LSM, audit,
> SELinux, and Smack.
Also netlink, if you need/want to be able to save the sending task's
label at send time for later use for permission checking and auditing at
receive time. At present, netlink_sendmsg() calls
selinux_get_task_sid() to save the sending task SID in the
netlink_skb_parms struct, and that SID is later extracted by
selinux_netlink_recv and audit_receive_msg. That parallels what happens
with the eff_cap set and the loginuid.
> I also want to be sure that no one
> will take umberage with the notion.
At some point, objections may arise that the changes are too invasive or
costly, or that they aren't justified until such a time as it is shown
that smack or another user is actually going to be merged. But in
abstract, I don't have a problem with converting these over to using LSM
hooks (as long as LSM remains). What makes it a little harder is that
smack has no equivalent to a sid/secid, just the full labels (albeit
those are small and fixed size).
--
Stephen Smalley
National Security Agency
More information about the Linux-audit
mailing list