Date: Wed, 22 Jul 2009 20:06:47 +1000 (EST)
From: James Morris
To: James Carter
cc: Eric Paris, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, selinux@tycho.nsa.gov, Stephen Smalley, spender@grsecurity.net, Daniel J Walsh, cl@linux-foundation.org, Arjan van de Ven, Alan Cox, kees@outflux.net, Chad Sellers, Tetsuo Handa
Subject: Re: mmap_min_addr and your local LSM (ok, just SELinux)

On Tue, 21 Jul 2009, James Carter wrote:

> Agreed. That guarantee has been stated from the very beginning for
> SELinux; we shouldn't move away from it. Are there other places where
> having an LSM weakens security by default?

There's a similar form of hook in vm_enough_memory, but the SELinux module
calls the DAC capability check first, so it seems ok from a policy
writer's point of view (i.e. worst case is they revert to DAC).

- James
--
James Morris