From: Linus Torvalds
Date: Sun, 21 Nov 2010 09:56:17 -0800
Subject: Re: [PATCH v1.2 0/5] IMA: making i_readcount a first class inode citizen (reposting)
To: Mimi Zohar
Cc: "J. Bruce Fields", linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, jmorris@namei.org, akpm@linux-foundation.org, eparis@redhat.com, viro@zeniv.linux.org.uk, Dave Chinner, David Safford
In-Reply-To: <1290345498.2412.38.camel@localhost.localdomain>

On Sun, Nov 21, 2010 at 5:18 AM, Mimi Zohar wrote:
>
> IMA (and the proposed EVM/IMA-appraisal patches) detects file change
> based on i_version. When the file is closed, if the file has changed,
> IMA marks the file as needing to be re-measured. Of course this requires
> the filesystem to be mounted with iversion. Don't know if this helps.

If you only do this at close time, I see a _major_ security hole.

The attacker can just write to the file, and keep it open. Ta-daa,
everybody who reads it sees the new contents, but your IMA logic is
oblivious and thinks it doesn't need to be re-measured.
Linus
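The gap Linus describes can be made concrete with a small model. The following C program is an added example, not code from the thread, the IMA patches or the kernel: the `toy_inode` struct, its fields, the `verdict` enum and both reader policies are assumptions constructed for illustration (the field names merely echo the kernel's `i_version` and `i_writecount`). It replays the scenario from the message (write, keep the descriptor open, let someone read) under the close-time-only policy from the quoted text and under an assumed open-time check, and contrasts both with the control case where the writer closes first.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Toy model of the gap discussed in the message. Everything here is
 * constructed for this example: the struct, its fields and both reader
 * policies are a simplification for illustration, not kernel or IMA code.
 * Field names echo the kernel's i_version / i_writecount for readability. */
struct toy_inode {
    unsigned long i_version;        /* bumped by the filesystem on each write */
    int           i_writecount;     /* number of descriptors open for writing */
    unsigned long measured_version; /* i_version at the last IMA measurement */
    char          content[64];      /* the bytes a reader would actually get */
};

/* What a reader ends up with under a given policy. */
enum verdict {
    TRUSTED,          /* measurement matches the content served */
    STALE_UNNOTICED,  /* reader got unmeasured content and nothing noticed */
    FLAGGED           /* policy refused to vouch for the content */
};

static void toy_inode_init(struct toy_inode *ino, const char *initial)
{
    memset(ino, 0, sizeof *ino);
    snprintf(ino->content, sizeof ino->content, "%s", initial);
    ino->i_version = 1;
    ino->measured_version = 1;  /* assume the file was measured once already */
}

/* True iff the recorded measurement still describes the current content. */
static bool toy_measurement_current(const struct toy_inode *ino)
{
    return ino->measured_version == ino->i_version;
}

static void toy_open_write(struct toy_inode *ino)
{
    ino->i_writecount++;
}

static void toy_write(struct toy_inode *ino, const char *data)
{
    snprintf(ino->content, sizeof ino->content, "%s", data);
    ino->i_version++;           /* iversion: every change bumps the counter */
}

/* Close-time policy from the quoted text: re-measure when the last writer
 * closes and the file changed while it was open. */
static void toy_close_write(struct toy_inode *ino)
{
    if (--ino->i_writecount == 0 && !toy_measurement_current(ino))
        ino->measured_version = ino->i_version;   /* re-measure now */
}

/* Reader under the close-time-only policy: the stored measurement is used
 * as-is, whether or not a writer still holds the file open. */
static enum verdict toy_read_close_only(const struct toy_inode *ino)
{
    return toy_measurement_current(ino) ? TRUSTED : STALE_UNNOTICED;
}

/* Reader with an extra check at open-for-read (an assumed mitigation for
 * this example, not the thread's patch): refuse to vouch while any writer
 * is still open, and re-measure if i_version moved since the last one. */
static enum verdict toy_read_with_open_check(struct toy_inode *ino)
{
    if (ino->i_writecount > 0)
        return FLAGGED;                 /* content can still change under us */
    if (!toy_measurement_current(ino))
        ino->measured_version = ino->i_version;   /* measure before serving */
    return TRUSTED;
}

/* The scenario from the message: write, keep the descriptor open, and let
 * someone else read the file. */
static enum verdict scenario_keep_open(bool with_open_check)
{
    struct toy_inode ino;
    toy_inode_init(&ino, "original contents");
    toy_open_write(&ino);
    toy_write(&ino, "modified contents");
    /* the writer deliberately never closes */
    return with_open_check ? toy_read_with_open_check(&ino)
                           : toy_read_close_only(&ino);
}

/* Control: the writer closes first, so close-time re-measurement suffices. */
static enum verdict scenario_close_first(bool with_open_check)
{
    struct toy_inode ino;
    toy_inode_init(&ino, "original contents");
    toy_open_write(&ino);
    toy_write(&ino, "modified contents");
    toy_close_write(&ino);
    return with_open_check ? toy_read_with_open_check(&ino)
                           : toy_read_close_only(&ino);
}

static const char *verdict_name(enum verdict v)
{
    return v == TRUSTED ? "TRUSTED" : v == FLAGGED ? "FLAGGED" : "STALE_UNNOTICED";
}

int main(void)
{
    printf("writer keeps file open, close-only policy: %s\n",
           verdict_name(scenario_keep_open(false)));
    printf("writer keeps file open, open-time check:   %s\n",
           verdict_name(scenario_keep_open(true)));
    printf("writer closes first, close-only policy:    %s\n",
           verdict_name(scenario_close_first(false)));
    printf("writer closes first, open-time check:      %s\n",
           verdict_name(scenario_close_first(true)));
    return 0;
}
```

The only case that differs between the two policies is the one from the message: with the writer still holding the file open, the close-only reader reports `STALE_UNNOTICED` because `measured_version` lags `i_version` and nothing has run to notice it, while the open-time check reports `FLAGGED` because a live writer means no measurement can be trusted yet. Once the writer closes, both policies agree, which is why a close-only design looks correct in ordinary testing.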