Re: LSM root_plug module questions

From: David Härdeman (david_at_2gen.com)
Date: 08/31/05

    To: chrisw@osdl.org
    Date: Wed, 31 Aug 2005 10:04:04 +0200


    Chris Wright (chrisw@osdl.org) wrote:
    > * David Härdeman (david@2gen.com) wrote:
    > > I'm currently playing around with the security/root_plug.c LSM module
    > you'll have better luck on the lsm list

    Thanks for the pointer

    > > 1) What's the recommended way of telling that someone is logging in to
    > > the computer (via ssh, virtual console, serial console, X, whatever)
    > > with LSM? Look for open() on /dev/pts?
    >
    > logging in...this is really a userspace notion, so via PAM. creating a
    > new process or changing credentials of a new process are the types of
    > things that lsm watches (and of course, opening of files).

    Yes, I realized that by reading the include/linux/security.h comments
    describing the security hooks. The question is rather whether there is something
    which all the different methods of logging in have in common that can be
    caught with an LSM hook?

    > > 2) root_plug currently scans the usb device tree looking for the
    > > appropriate device each time it's needed. In the interest of making the
    > > result of the lookup cached, is it possible for a module to register so
    > > that it is notified when a usb device is added/removed?
    >
    > I don't think that can be done in a race free manner. Perhaps get the
    > device and check its state, but you'd have to ask usb folks. ATM, it's
    > only checked during exec of root process.

    The reason that I wanted to do caching is that I want to add more checks
    to the root_plug module. For instance, to deny all socket accept() and
    connect() calls when the USB module is missing (to not break already
    established connections but not allow any new ones, e.g. to lock out any
    new SSH sessions).

    I'm assuming that this could introduce the need for some kind of caching
    of the results of the USB-device-present check as the number of checks
    increases.

    Regards,
    David
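An added example, not from this thread or from security/root_plug.c: a user-space model of the checks David proposes, with the USB device tree stubbed by a fixed table, a hypothetical add/remove notification that invalidates a cached lookup, and socket connect/accept "hooks" that refuse new connections while the key device is absent. The vendor/product ids and the usb_notify() helper are constructed for the model.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>

/* Constructed stand-in for the vendor/product ids root_plug looks for. */
#define KEY_VENDOR  0x1234
#define KEY_PRODUCT 0xabcd

struct usb_dev { unsigned vendor, product; bool present; };

/* Stand-in for the USB device tree: index 1 is the (unplugged) key. */
static struct usb_dev bus[] = {
    { 0x4321, 0x0001, true },
    { KEY_VENDOR, KEY_PRODUCT, false },
};

/* Cached scan result; -1 means the cache is invalid and a rescan is due. */
static int key_present_cached = -1;

/* Uncached scan, what root_plug does on every check today. */
static bool scan_for_key(void)
{
    for (size_t i = 0; i < sizeof bus / sizeof bus[0]; i++)
        if (bus[i].present && bus[i].vendor == KEY_VENDOR &&
            bus[i].product == KEY_PRODUCT)
            return true;
    return false;
}

/* Hypothetical add/remove notification. It only invalidates the cache,
 * never stores the new answer, so a late or reordered notification can
 * cost an extra scan but cannot leave a wrong answer cached. */
void usb_notify(size_t idx, bool present)
{
    bus[idx].present = present;
    key_present_cached = -1;
}

static bool key_present(void)
{
    if (key_present_cached < 0)
        key_present_cached = scan_for_key();
    return key_present_cached;
}

/* Proposed hooks: new connections are refused while the key is missing;
 * already established sockets are never touched. */
int root_plug_socket_connect(void) { return key_present() ? 0 : -EPERM; }
int root_plug_socket_accept(void)  { return key_present() ? 0 : -EPERM; }
```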

