Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1928959ybh; Fri, 13 Mar 2020 09:50:56 -0700 (PDT) X-Google-Smtp-Source: ADFU+vs1MPPAVYX+KANKY1UEAdD0AKRv95NkZigtIt5MScDO/kwPWMBSkio4mb2v5s2UsjAiY3Yy X-Received: by 2002:a05:6830:1e09:: with SMTP id s9mr11287793otr.149.1584118255884; Fri, 13 Mar 2020 09:50:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1584118255; cv=none; d=google.com; s=arc-20160816; b=mr/TZRDbc0PQxlDHOYwrSiS4eCgY7NE5pMj29Whl7Oht2x/n8NoWvoXkMIY4NxNyK2 ZW3mRnH4ShXqM/DizGBQ8tl7eBVfNQo/F6V9JC4PN7hRLKEhr2bX5rhp9Kd8XPBQy+CJ 56BFM02cuHK5rT0RsIEDMDSMkPOMnp6u0vtWNFO7zsNKOsxInvmnBveORKzHlU8nK1SX OLLjwWSLULHnTw7qWOAepq39J8uRfehmYjMImdE5kKVWPU6JTdC2vy3YfYtTXV8M6bPK X/KTgHj7lOt5X1rNexqBSLfWgnBEEeHtHp/zMMIJ1zf9mSKWsPEdXhB+i5GPjjtDcCtp i+Nw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=; b=fHlP1EwjqyUs92ujKeVNviCeQqkNCShgjvHklhZZHkTc0++7+tt+ttkaJuDy1U7IvD AWniLvWZyGoeyCdGGYLCcKFIqns7o44TU8qaWA2S2g64v0teXYiivSFKv2v3rAC1+jr4 8X5/QoUvkDvhlViCwMiTWnqmIn8LHT/t6wEpzsrfvUp/1y4GQ8N+lfTm2q49TftdL/Pf 5lyMxaGmAxMoQ8yfbwEENy+NITaC+ZlfKjoYe8XfLzNTcrpFpnMCu7fDaiuqGIY8MNgN jSiMPok5IyxS66r4x6yYXayGIgzP4g1yYVEooRA5SRlggea6ZnDa44yYfCtBOaTC8C+P A8qg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="WoJn/P9W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y9si5241525oia.47.2020.03.13.09.50.42; Fri, 13 Mar 2020 09:50:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="WoJn/P9W"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727020AbgCMQtb (ORCPT + 99 others); Fri, 13 Mar 2020 12:49:31 -0400 Received: from mail-ed1-f66.google.com ([209.85.208.66]:35168 "EHLO mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726406AbgCMQtb (ORCPT ); Fri, 13 Mar 2020 12:49:31 -0400 Received: by mail-ed1-f66.google.com with SMTP id a20so12720125edj.2 for ; Fri, 13 Mar 2020 09:49:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paul-moore-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=; b=WoJn/P9W8ionIJ6xiBiPAmxmGbbYK44xv4IrICoWubAgYlhtkhxUJmVCijstH/13K8 e8sfsXfNGVfsBKnRV0SJuy8a8BZyemhuV3VRdHRn2DarGPfrMqFVOH/OuDqiVr4hokOl UhOrjDnrSoggcD90vmrkTdZGj88Cdu4MhRmnyJ0V4shQjxGwADiObeG6nDXMrC2tX1Sf Zx5guOou8iWTPF16pL8NUnjXXzxYS+GbneCIQZyfvTaduvQymLt4+IWsFLUbJONa/YD2 kXa9vk9xzfHNLaAh621qmRaQsnpJdixash8QTk6Mp+WMhkhfOstdpA5Hj+YyS0gM+Gnv FnoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=; b=PeqCqmL4Cp3vPc612H3VP6/mvBUQ/2qqQ5vU+GUmR1FebPOzThu9+YhXH3sB/FzFqZ 7T/5FgF4J5U1h16907+K3FSoTIQWCAb8z3Sz4cPY5zjCPtGLX371RPtntPXtJG3qSAvs XRcxC94GcqmWtNFhVDfNCbEigyFBzIlrvBHYZCXvPbE5mq5vTiofZaV2uNHKRTopd6bu K3CVLnU8JOU7YaeNo87dFg5nvZ0WYJypOXl8P2LZImzgDbp5tqcosQHHtYmkV4JqY4Ab 49dp3qzAXbaraRHDbQgyBhBtrdTmLsoNHKcZmFVJpnzu3umC4qW66FHzAAGPPk/+NOMw SQOA== X-Gm-Message-State: ANhLgQ3RKQ0hSLJ54j+JgIPRhAI6K1TBEDsroWbewNtDSZ9JT3FqANN6 ObiAj6lZQzGlW7PVjg8Hul7pcGKdzzGB9BywVbdR X-Received: by 2002:aa7:dd01:: with SMTP id i1mr14078117edv.164.1584118169827; Fri, 13 Mar 2020 09:49:29 -0700 (PDT) MIME-Version: 1.0 References: <20200312202733.7kli64zsnqc4mrd2@madcap2.tricolour.ca> <2588582.z15pWOfGEt@x2> In-Reply-To: <2588582.z15pWOfGEt@x2> From: Paul Moore Date: Fri, 13 Mar 2020 12:49:18 -0400 Message-ID: Subject: Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling the audit daemon To: Steve Grubb Cc: Richard Guy Briggs , linux-audit@redhat.com, nhorman@tuxdriver.com, linux-api@vger.kernel.org, containers@lists.linux-foundation.org, LKML , dhowells@redhat.com, netfilter-devel@vger.kernel.org, ebiederm@xmission.com, simo@redhat.com, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, Eric Paris , mpatel@redhat.com, Serge Hallyn Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Mar 13, 2020 at 12:45 PM Steve Grubb wrote: > On Friday, March 13, 2020 12:42:15 PM EDT Paul Moore wrote: > > > I think more and more, that more complete isolation is being done, > > > taking advantage of each type of namespace as they become available, but > > > I know a nuber of them didn't find it important yet to use IPC, PID or > > > user namespaces which would be the only namespaces I can think of that > > > would provide that isolation. > > > > > > It isn't entirely clear to me which side you fall on this issue, Paul. > > > > That's mostly because I was hoping for some clarification in the > > discussion, especially the relevant certification requirements, but it > > looks like there is still plenty of room for interpretation there (as > > usual). I'd much rather us arrive at decisions based on requirements > > and not gut feelings, which is where I think we are at right now. > > Certification rquirements are that we need the identity of anyone attempting > to modify the audit configuration including shutting it down. Yep, got it. Unfortunately that doesn't really help with what we are talking about. Although preventing the reuse of the ACID before the SIGNAL2 record does help preserve the sanity of the audit stream which I believe to be very important, regardless. -- paul moore www.paul-moore.com