Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751512AbdFFL6V (ORCPT <rfc822;w@1wt.eu>);
        Tue, 6 Jun 2017 07:58:21 -0400
Received: from erza.lautre.net ([80.67.160.89]:58616 "EHLO erza.lautre.net"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751422AbdFFL6T (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 6 Jun 2017 07:58:19 -0400
Date: Tue, 6 Jun 2017 13:58:15 +0200
From: =?UTF-8?B?Sm9zw6k=?= Bollo <jobol@nonadev.net>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: James Morris <jmorris@namei.org>, LKLM <linux-kernel@vger.kernel.org>,
        LSM <linux-security-module@vger.kernel.org>
Subject: Re: [PATCH] procfs: add smack subdir to attrs
Message-ID: <20170606135815.0b6372de@d-jobol.iot.bzh>
In-Reply-To: <76f4dd96-76ca-a7ec-313a-b8ab72b0181f@schaufler-ca.com>
References: <d2876592-e13a-b407-15b0-bdf9b0d49f75@schaufler-ca.com>
        <alpine.LRH.2.20.1706020937290.16910@namei.org>
        <76f4dd96-76ca-a7ec-313a-b8ab72b0181f@schaufler-ca.com>
X-Mailer: Claws Mail 3.14.1 (GTK+ 2.24.31; x86_64-redhat-linux-gnu)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by mail.home.local id v56BwPMl030292
Content-Length: 1336
Lines: 34

On Thu, 1 Jun 2017 16:59:24 -0700
Casey Schaufler <casey@schaufler-ca.com> wrote:

> On 6/1/2017 4:38 PM, James Morris wrote:
> > On Thu, 1 Jun 2017, Casey Schaufler wrote:
> >  
> >> Subject: [PATCH] procfs: add smack subdir to attrs  
> > Is there value in this without major stacking support?  
> 
> Yes. If a Smack aware application reads /proc/self/attr/current
> it has no way to know if what it sees is a Smack label or an
> SELinux context. True, the application can look elsewhere
> (i.e. /sys/kernel/security/lsm) to find out which is enabled.
> But the real fix is for Smack to use a different interface
> than SELinux. Which is what this does. True, it will be even
> more important when/if major stacking comes in, but it is still
> significant now, and I would like to have it regardless of
> the future acceptance of major stacking.

I agree that it is a nice forward movement to leave the mud.

I have a subsidiary question to ask. Should we keep the name 'attr' for
the subdirectory? It seems at least convenient but if a better name is
valuable (security, lsm, ...) why not to switch now?

BR josé

> 
> --
> To unsubscribe from this list: send the line "unsubscribe
> linux-security-module" in the body of a message to
> majordomo@vger.kernel.org More majordomo info at
> http://vger.kernel.org/majordomo-info.html