[rsbac] Re: Thoughts on the "No Linux Security Modules framework" old claims

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Wed Feb 16 05:21:54 CET 2005

On Tue, 15 Feb 2005 23:38:09 +0100, Lorenzo =?ISO-8859-1?Q?Hern=E1ndez_?= =?ISO-8859-1?Q?Garc=EDa-Hierro?= said:

> Yes, and that's noticed from the "official" documentation.
> But, who says that we can't place auditing facilities inside the
> existing hooks? or even file system linking related tweaks?

Many auditing policies require an audit event to be generated if the operation
is rejected by *either* the DAC (as implemented by the file permissions
and possibly ACLs) *or* the MAC (as implemented by the LSM exit).  However,
in most (all?) cases, the DAC check is made *first*, and the LSM exit isn't
even called if the DAC check fails.  As a result, if you try to open() a file
and get -EPERM due to the file permissions, the LSM exit isn't called and
you can't cut an audit record there.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.rsbac.org/pipermail/rsbac/attachments/20050215/d0fc6068/attachment.bin

More information about the rsbac mailing list