Received: by 2002:a25:e7d8:0:0:0:0:0 with SMTP id e207csp1928959ybh;
        Fri, 13 Mar 2020 09:50:56 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vs1MPPAVYX+KANKY1UEAdD0AKRv95NkZigtIt5MScDO/kwPWMBSkio4mb2v5s2UsjAiY3Yy
X-Received: by 2002:a05:6830:1e09:: with SMTP id s9mr11287793otr.149.1584118255884;
        Fri, 13 Mar 2020 09:50:55 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584118255; cv=none;
        d=google.com; s=arc-20160816;
        b=mr/TZRDbc0PQxlDHOYwrSiS4eCgY7NE5pMj29Whl7Oht2x/n8NoWvoXkMIY4NxNyK2
         ZW3mRnH4ShXqM/DizGBQ8tl7eBVfNQo/F6V9JC4PN7hRLKEhr2bX5rhp9Kd8XPBQy+CJ
         56BFM02cuHK5rT0RsIEDMDSMkPOMnp6u0vtWNFO7zsNKOsxInvmnBveORKzHlU8nK1SX
         OLLjwWSLULHnTw7qWOAepq39J8uRfehmYjMImdE5kKVWPU6JTdC2vy3YfYtTXV8M6bPK
         X/KTgHj7lOt5X1rNexqBSLfWgnBEEeHtHp/zMMIJ1zf9mSKWsPEdXhB+i5GPjjtDcCtp
         i+Nw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=;
        b=fHlP1EwjqyUs92ujKeVNviCeQqkNCShgjvHklhZZHkTc0++7+tt+ttkaJuDy1U7IvD
         AWniLvWZyGoeyCdGGYLCcKFIqns7o44TU8qaWA2S2g64v0teXYiivSFKv2v3rAC1+jr4
         8X5/QoUvkDvhlViCwMiTWnqmIn8LHT/t6wEpzsrfvUp/1y4GQ8N+lfTm2q49TftdL/Pf
         5lyMxaGmAxMoQ8yfbwEENy+NITaC+ZlfKjoYe8XfLzNTcrpFpnMCu7fDaiuqGIY8MNgN
         jSiMPok5IyxS66r4x6yYXayGIgzP4g1yYVEooRA5SRlggea6ZnDa44yYfCtBOaTC8C+P
         A8qg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="WoJn/P9W";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y9si5241525oia.47.2020.03.13.09.50.42;
        Fri, 13 Mar 2020 09:50:55 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@paul-moore-com.20150623.gappssmtp.com header.s=20150623 header.b="WoJn/P9W";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727020AbgCMQtb (ORCPT <rfc822;krseo358@gmail.com> + 99 others);
        Fri, 13 Mar 2020 12:49:31 -0400
Received: from mail-ed1-f66.google.com ([209.85.208.66]:35168 "EHLO
        mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726406AbgCMQtb (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 13 Mar 2020 12:49:31 -0400
Received: by mail-ed1-f66.google.com with SMTP id a20so12720125edj.2
        for <linux-kernel@vger.kernel.org>; Fri, 13 Mar 2020 09:49:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=paul-moore-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=;
        b=WoJn/P9W8ionIJ6xiBiPAmxmGbbYK44xv4IrICoWubAgYlhtkhxUJmVCijstH/13K8
         e8sfsXfNGVfsBKnRV0SJuy8a8BZyemhuV3VRdHRn2DarGPfrMqFVOH/OuDqiVr4hokOl
         UhOrjDnrSoggcD90vmrkTdZGj88Cdu4MhRmnyJ0V4shQjxGwADiObeG6nDXMrC2tX1Sf
         Zx5guOou8iWTPF16pL8NUnjXXzxYS+GbneCIQZyfvTaduvQymLt4+IWsFLUbJONa/YD2
         kXa9vk9xzfHNLaAh621qmRaQsnpJdixash8QTk6Mp+WMhkhfOstdpA5Hj+YyS0gM+Gnv
         FnoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=YGG5XY3Ewg2kr6ydPgEVpPEQe8Bu0vVCZeuUuZTd/eQ=;
        b=PeqCqmL4Cp3vPc612H3VP6/mvBUQ/2qqQ5vU+GUmR1FebPOzThu9+YhXH3sB/FzFqZ
         7T/5FgF4J5U1h16907+K3FSoTIQWCAb8z3Sz4cPY5zjCPtGLX371RPtntPXtJG3qSAvs
         XRcxC94GcqmWtNFhVDfNCbEigyFBzIlrvBHYZCXvPbE5mq5vTiofZaV2uNHKRTopd6bu
         K3CVLnU8JOU7YaeNo87dFg5nvZ0WYJypOXl8P2LZImzgDbp5tqcosQHHtYmkV4JqY4Ab
         49dp3qzAXbaraRHDbQgyBhBtrdTmLsoNHKcZmFVJpnzu3umC4qW66FHzAAGPPk/+NOMw
         SQOA==
X-Gm-Message-State: ANhLgQ3RKQ0hSLJ54j+JgIPRhAI6K1TBEDsroWbewNtDSZ9JT3FqANN6
        ObiAj6lZQzGlW7PVjg8Hul7pcGKdzzGB9BywVbdR
X-Received: by 2002:aa7:dd01:: with SMTP id i1mr14078117edv.164.1584118169827;
 Fri, 13 Mar 2020 09:49:29 -0700 (PDT)
MIME-Version: 1.0
References: <cover.1577736799.git.rgb@redhat.com> <20200312202733.7kli64zsnqc4mrd2@madcap2.tricolour.ca>
 <CAHC9VhS9DtxJ4gvOfMRnzoo6ccGJVKL+uZYe6qqH+SPqD8r01Q@mail.gmail.com> <2588582.z15pWOfGEt@x2>
In-Reply-To: <2588582.z15pWOfGEt@x2>
From:   Paul Moore <paul@paul-moore.com>
Date:   Fri, 13 Mar 2020 12:49:18 -0400
Message-ID: <CAHC9VhQ7hFc8EqrEojmjQriWtKkqjPyzWrnrc_eVKjcYhhV8QQ@mail.gmail.com>
Subject: Re: [PATCH ghak90 V8 07/16] audit: add contid support for signalling
 the audit daemon
To:     Steve Grubb <sgrubb@redhat.com>
Cc:     Richard Guy Briggs <rgb@redhat.com>, linux-audit@redhat.com,
        nhorman@tuxdriver.com, linux-api@vger.kernel.org,
        containers@lists.linux-foundation.org,
        LKML <linux-kernel@vger.kernel.org>, dhowells@redhat.com,
        netfilter-devel@vger.kernel.org, ebiederm@xmission.com,
        simo@redhat.com, netdev@vger.kernel.org,
        linux-fsdevel@vger.kernel.org, Eric Paris <eparis@parisplace.org>,
        mpatel@redhat.com, Serge Hallyn <serge@hallyn.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Mar 13, 2020 at 12:45 PM Steve Grubb <sgrubb@redhat.com> wrote:
> On Friday, March 13, 2020 12:42:15 PM EDT Paul Moore wrote:
> > > I think more and more, that more complete isolation is being done,
> > > taking advantage of each type of namespace as they become available, but
> > > I know a nuber of them didn't find it important yet to use IPC, PID or
> > > user namespaces which would be the only namespaces I can think of that
> > > would provide that isolation.
> > >
> > > It isn't entirely clear to me which side you fall on this issue, Paul.
> >
> > That's mostly because I was hoping for some clarification in the
> > discussion, especially the relevant certification requirements, but it
> > looks like there is still plenty of room for interpretation there (as
> > usual).  I'd much rather us arrive at decisions based on requirements
> > and not gut feelings, which is where I think we are at right now.
>
> Certification rquirements are that we need the identity of anyone attempting
> to modify the audit configuration including shutting it down.

Yep, got it.  Unfortunately that doesn't really help with what we are
talking about.  Although preventing the reuse of the ACID before the
SIGNAL2 record does help preserve the sanity of the audit stream which
I believe to be very important, regardless.

-- 
paul moore
www.paul-moore.com