Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751634AbdFFOqv (ORCPT <rfc822;w@1wt.eu>);
        Tue, 6 Jun 2017 10:46:51 -0400
Received: from nm16-vm6.bullet.mail.ne1.yahoo.com ([98.138.91.109]:51665 "EHLO
        nm16-vm6.bullet.mail.ne1.yahoo.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1751542AbdFFOqg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 6 Jun 2017 10:46:36 -0400
X-Yahoo-Newman-Id: 117568.44857.bm@smtp114.mail.ne1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: tWewyh0VM1mSCELkJXWKca5rB.xqPmtOe0L.8320Ipu8t9X
 o7abdFK4vai8.cf80xZ162tg_lh8NvMxYbWJraGGf9ptcrBgg.wAqp3s6rEl
 68zi5IFCPtbxxEvHDMU_YyD3mVPrSVqmESsTA5Um2q5EhTFSipOlST2hnL2b
 zWmFDSuze_SYyUOAKrLjNSMW6pNCgS7dYUEzcI0KRkDhjSMw0z5WP9dLkPEx
 zk591t0msO1HNMMjj2uZ52jt2nRydouQciExyj29YGIatQIz0.4lOK5Zu4DK
 FoafezeYNqcUcqTQJnCEZWY84g_40iZ9y9OapAFMhOSyYZdLcTS7PQfd0D0j
 p8F9GzZZ0VNZ4Y4CUAITLeUu4Evelh81nkfSQlenzDE7kfY3bzZwJrmfgH1I
 AEd8ELQbeusKRo0ZBy_D0oA3jFV1KFuQDCYEgV.9yWpHSBJLxuX8BmR_YTuY
 7PCtnvNVLtHBzcf9zfG_2F9LXptwS8zQtEz3dwj3iFaUQDYvBdIU5rmmGUTt
 WDuZs55BuCNhz2ZB6jVa1iX9lSAjYXKKdCgSrFL1oM6Xt_Q.OSQx.sS3dJPq
 1sSOSmmORjqCZfeA4GuM7aSsiCQ--
X-Yahoo-SMTP: OIJXglSswBDfgLtXluJ6wiAYv6_cnw--
Subject: Re: [PATCH] procfs: add smack subdir to attrs
To: =?UTF-8?Q?Jos=c3=a9_Bollo?= <jobol@nonadev.net>
Cc: James Morris <jmorris@namei.org>, LKLM <linux-kernel@vger.kernel.org>,
        LSM <linux-security-module@vger.kernel.org>
References: <d2876592-e13a-b407-15b0-bdf9b0d49f75@schaufler-ca.com>
 <alpine.LRH.2.20.1706020937290.16910@namei.org>
 <76f4dd96-76ca-a7ec-313a-b8ab72b0181f@schaufler-ca.com>
 <20170606135815.0b6372de@d-jobol.iot.bzh>
From: Casey Schaufler <casey@schaufler-ca.com>
Message-ID: <a79fbe99-20c7-8265-9d7e-d6f0c9490813@schaufler-ca.com>
Date: Tue, 6 Jun 2017 07:45:28 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <20170606135815.0b6372de@d-jobol.iot.bzh>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1477
Lines: 35

On 6/6/2017 4:58 AM, José Bollo wrote:
> On Thu, 1 Jun 2017 16:59:24 -0700
> Casey Schaufler <casey@schaufler-ca.com> wrote:
>
>> On 6/1/2017 4:38 PM, James Morris wrote:
>>> On Thu, 1 Jun 2017, Casey Schaufler wrote:
>>>  
>>>> Subject: [PATCH] procfs: add smack subdir to attrs  
>>> Is there value in this without major stacking support?  
>> Yes. If a Smack aware application reads /proc/self/attr/current
>> it has no way to know if what it sees is a Smack label or an
>> SELinux context. True, the application can look elsewhere
>> (i.e. /sys/kernel/security/lsm) to find out which is enabled.
>> But the real fix is for Smack to use a different interface
>> than SELinux. Which is what this does. True, it will be even
>> more important when/if major stacking comes in, but it is still
>> significant now, and I would like to have it regardless of
>> the future acceptance of major stacking.
> I agree that it is a nice forward movement to leave the mud.
>
> I have a subsidiary question to ask. Should we keep the name 'attr' for
> the subdirectory? It seems at least convenient but if a better name is
> valuable (security, lsm, ...) why not to switch now?

Too many things would break. It's really a matter of taste in any case.

>
> BR josé
>
>> --
>> To unsubscribe from this list: send the line "unsubscribe
>> linux-security-module" in the body of a message to
>> majordomo@vger.kernel.org More majordomo info at
>> http://vger.kernel.org/majordomo-info.html
>