Subject: RE: [RFC v3 0/2] WhiteEgret LSM module
Date: Thu, 5 Apr 2018 06:40:36 +0000
References: <20180330083031.2199-1-masanobu2.koike@toshiba.co.jp> <20180401200827.GA28101@mail.hallyn.com>
In-Reply-To: <20180401200827.GA28101@mail.hallyn.com>
X-Mailing-List: linux-kernel@vger.kernel.org

I am one of the developers of WhiteEgret.

> regarding the last one, do you have a plan for handling it?

Yes, we have a plan to release WhiteEgret v4 patch with a WEUA sample of access control for script programs.
The latest WhiteEgret cannot control script programs since script files read by an interpreter are not hooked by the execve system call.
We consider that script programs can be controlled by controlling the files inputted by interpreters, accordingly.
We consider that the control can be realized using the read system call hooking.
Now, we are developing WhiteEgret with the read system call hooking and WEUA which controls the script files to be read to interpreters using information from the read system call hooking and white list.

-----Original Message-----
From: owner-linux-security-module@vger.kernel.org [mailto:owner-linux-security-module@vger.kernel.org] On Behalf Of Serge E. Hallyn
Sent: Monday, April 2, 2018 5:08 AM
To: koike masanobu(小池 正修 ＴＤＳＬ （ＩＳＥＣ）［ＳＥＣ運］)
Cc: jmorris@namei.org; serge@hallyn.com; linux-security-module@vger.kernel.org; linux-kernel@vger.kernel.org
Subject: Re: [RFC v3 0/2] WhiteEgret LSM module

Quoting Masanobu Koike (masanobu2.koike@toshiba.co.jp):
...
> Assumptions and ToDos
>
> At this stage, WhiteEgret assumes the following.
> Relaxing these assumptions is future work.
> - Root is not compromised. And using a whitelist and a WEUA requires
>   root privilege.
> - WEUA is reliable.
> - It is allowed for scripting languages, e.g., Perl or Python, to read
>   arbitrary scripts and to execute them.

Hi,

regarding the last one, do you have a plan for handling it?
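
The gap described in this message and the read-hook control planned for v4, as an added example that is not part of the original mail and is not WhiteEgret or WEUA code. It is a user-space model: `Whitelist`, `on_execve` and `on_read` are hypothetical names, and both the digest matching and the policy that every file read by a listed interpreter must be whitelisted are assumptions.

```python
import hashlib
import os
import tempfile


def digest(path):
    """SHA-256 of a file's current contents."""
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


class Whitelist:
    """Path -> expected digest. Hypothetical stand-in for the WEUA's list."""

    def __init__(self):
        self.entries = {}

    def add(self, path):
        self.entries[path] = digest(path)

    def permits(self, path):
        return self.entries.get(path) == digest(path)


def on_execve(wl, exe):
    # execve-only model: the hook sees the interpreter binary, never the
    # script that the interpreter opens and reads afterwards.
    return wl.permits(exe)


def on_read(wl, interpreters, reader, path):
    # read-hook model (assumed policy): a file read by a listed interpreter
    # must itself be whitelisted; other readers are not restricted here.
    return reader not in interpreters or wl.permits(path)


def demo():
    with tempfile.TemporaryDirectory() as d:
        p = {n: os.path.join(d, n) for n in ("interp", "ok.py", "new.py")}
        for name, path in p.items():  # constructed sample files
            with open(path, "w") as f:
                f.write("# constructed sample: " + name + "\n")
        wl, interps = Whitelist(), {p["interp"]}
        wl.add(p["interp"])
        wl.add(p["ok.py"])
        res = {"exec_interp": on_execve(wl, p["interp"]),
               "read_ok": on_read(wl, interps, p["interp"], p["ok.py"]),
               "read_new": on_read(wl, interps, p["interp"], p["new.py"])}
        with open(p["ok.py"], "a") as f:  # a listed script is modified
            f.write("print('changed')\n")
        res["read_modified"] = on_read(wl, interps, p["interp"], p["ok.py"])
        return res
```

With only `on_execve`, running `new.py` through the whitelisted interpreter is allowed because the check never sees the script; `on_read` denies both the unlisted script and the listed one after its contents change.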