[rsbac] Re: Thoughts on the "No Linux Security Modules framework" old claims

Valdis.Kletnieks at vt.edu
Wed Feb 16 05:21:54 CET 2005


On Tue, 15 Feb 2005 23:38:09 +0100, Lorenzo Hernández García-Hierro said:

> Yes, and that's noticed from the "official" documentation.
> But, who says that we can't place auditing facilities inside the
> existing hooks? or even file system linking related tweaks?

Many auditing policies require an audit event to be generated if the operation
is rejected by *either* the DAC (as implemented by the file permissions
and possibly ACLs) *or* the MAC (as implemented by the LSM exit).  However,
in most (all?) cases, the DAC check is made *first*, and the LSM exit isn't
even called if the DAC check fails.  As a result, if you try to open() a file
and get -EPERM due to the file permissions, the LSM exit isn't called and
you can't cut an audit record there.

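The ordering described in the message above, as an added example that is not part of the original thread: a constructed C model (not kernel code) of the open() permission path, with one audit counter placed inside the LSM hook and another at the caller, showing that only the caller-level placement records denials from both DAC and MAC. The names dac_permission, security_inode_permission, inode_permission and do_open, the mac_level fields and the sample objects are simplifications chosen for this example.

```c
#include <errno.h>

/* Constructed model of the open() permission path, not kernel code:
 * DAC (mode bits) is checked first and the LSM hook runs only if DAC allows. */
#define MAY_READ 4

struct inode { int dac_mask; int mac_level; };  /* what DAC grants; MAC clearance needed */
struct cred  { int mac_level; };                /* caller's MAC clearance */

int lsm_hook_audits = 0;  /* audit records cut inside the LSM hook */
int caller_audits   = 0;  /* audit records cut by the caller after the full check */

static int dac_permission(const struct inode *ino, int mask)
{
    /* Mode-bit check; the real kernel returns -EACCES for this case. */
    return (ino->dac_mask & mask) == mask ? 0 : -EACCES;
}

static int security_inode_permission(const struct inode *ino, const struct cred *c)
{
    /* MAC decision in the LSM exit; an auditor hooked here sees only MAC denials. */
    int rc = c->mac_level >= ino->mac_level ? 0 : -EACCES;
    if (rc)
        lsm_hook_audits++;
    return rc;
}

static int inode_permission(const struct inode *ino, const struct cred *c, int mask)
{
    int rc = dac_permission(ino, mask);
    if (rc)
        return rc;  /* DAC failed: the LSM hook is never reached */
    return security_inode_permission(ino, c);
}

/* Auditing at the caller catches denials from either check. */
int do_open(const struct inode *ino, const struct cred *c, int mask)
{
    int rc = inode_permission(ino, c, mask);
    if (rc)
        caller_audits++;
    return rc;
}

/* Constructed sample objects: one file denied by DAC, one denied by MAC only. */
const struct inode dac_denied_file = { .dac_mask = 0,        .mac_level = 0 };
const struct inode mac_denied_file = { .dac_mask = MAY_READ, .mac_level = 5 };
const struct cred  low_user        = { .mac_level = 1 };
```

Opening dac_denied_file and then mac_denied_file as low_user leaves lsm_hook_audits at 1 but caller_audits at 2, because the DAC denial never reached the hook.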

