[redhat-lspp] Number of level & compartments

Stephen Smalley sds at tycho.nsa.gov
Tue Sep 20 12:32:06 UTC 2005


On Mon, 2005-09-19 at 23:56 -0500, George Wilson wrote:
> So has a huge set of compartments ever been tested?  If not, it might be
> worthwhile to make sure nothing breaks.

There are some limitations imposed by the kernel interfaces (as opposed
to the internal data structures, which are only limited by memory).  The
xattr API allows for 64k xattrs, so that isn't a concern.  However,
the /proc/pid/attr and selinuxfs interfaces are presently limited to
page size reads and writes, so you could possibly run up against those
limitations, particularly for selinuxfs interfaces that deal with more
than a single context.  However, given the compact notation being used
by the kernel (c0,c1,...) and the shorthand form for contiguous sets of
categories (c0.c127), I wouldn't expect a problem in practice.  It would
take security contexts that included a huge number of individual
non-contiguous categories to hit the limit.  Simply having a huge number
of categories by itself isn't the issue; it is having security contexts
that include huge sets of individual non-contiguous categories.
However, it might be worthwhile to look into making the size limitations
on /proc/pid/attr and selinuxfs tunable.  Userspace code could likely
stand an audit as well to make sure that it isn't imposing artificial
limitations on context string sizes.
 
-- 
Stephen Smalley
National Security Agency
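As an added example (not code from the original thread or from the kernel), the following Python renders a category set in the compact notation the post describes (c0,c1,... with c0.c127 for contiguous runs) and checks the resulting context string against a 4 KiB page; the context layout, the PAGE_SIZE value and the treatment of two-element runs are assumptions.

```python
"""Added example: compact SELinux category notation vs. the page-size limit
on /proc/pid/attr and selinuxfs reads/writes discussed in the post."""

PAGE_SIZE = 4096  # assumption: 4 KiB pages, the interface limit the post mentions


def compact_categories(cats):
    """Render category numbers in compact form: runs of three or more
    contiguous categories collapse to 'cA.cB', anything shorter is listed
    individually, e.g. {0,1,2,3,7} -> 'c0.c3,c7' (two-element runs as
    'cA,cB' is an assumption about how the kernel prints them)."""
    cats = sorted(set(cats))
    parts = []
    i = 0
    while i < len(cats):
        j = i
        while j + 1 < len(cats) and cats[j + 1] == cats[j] + 1:
            j += 1  # extend the contiguous run
        if j - i >= 2:
            parts.append(f"c{cats[i]}.c{cats[j]}")
        else:
            parts.extend(f"c{c}" for c in cats[i:j + 1])
        i = j + 1
    return ",".join(parts)


def context_string(user, role, type_, level, cats):
    """Build a context such as 'system_u:system_r:init_t:s0:c0.c127'
    (assumed user:role:type:level[:categories] layout)."""
    mls = level if not cats else f"{level}:{compact_categories(cats)}"
    return f"{user}:{role}:{type_}:{mls}"


def fits_in_page(context):
    """True if the context plus a terminating NUL fits in one page
    (conservative assumption about the interface buffer)."""
    return len(context) + 1 <= PAGE_SIZE


if __name__ == "__main__":
    # Constructed inputs: a hypothetical policy with 2048 categories.
    # One contiguous run stays tiny; every other category is sparse and
    # overflows the page, which is exactly the case the post warns about.
    contiguous = context_string("system_u", "system_r", "init_t", "s0", range(2048))
    sparse = context_string("system_u", "system_r", "init_t", "s0", range(0, 2048, 2))
    for ctx in (contiguous, sparse):
        print(f"{len(ctx):5d} bytes, fits={fits_in_page(ctx)}: {ctx[:40]}...")
```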
