Re: [PATCH 3/4] integrity: Linux Integrity Module(LIM)



On Wed, Aug 13, 2008 at 5:29 AM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
> On Tue, Aug 12, 2008 at 06:41:16PM +1000, Peter Dolding wrote:
>> We really do need to get the credentials patch in to commonly store all this
>> permission/security data, with a section for integrity related
>> entries.
>>
>> Anti-Virus passes and fails, signed running programs support and so on.
>>
>> Lots of different things need ways of recording integrity statuses.
>> Users also need to know, if an application does not work, is it TPM, is it
>> Anti-virus, is it lack of signature.
>
> Peter, please read up what the credentials patches do, or how struct
> cred/ucred is used in SVR4 and BSD for the last 20 years. It is useful,
> but it's not going to help with any of the strange things the AV or
> Integrity people are doing.

The issue I have: by your answer, you have not. The Credentials patch
for Linux allows more than the BSD one does. The Linux one is a complete
permission storage replacement.

http://linux.derkeiler.com/Mailing-Lists/Kernel/2008-08/msg02682.html

Note the file credentials one. That is reused by FS-Cache and it
creates fake inodes. So in the worst case LIM blocks a valid file
because it's coming from cache.

"vfs_permission and file_permission are just small wrappers around
inode_permission." No longer: both go to inode_permission until the
credentials patch is in. file_permission instead goes to the credentials
struct connected to the inode. Most calls to inode_permission end up
wrapped to the credentials struct.

Basically, by the way the Linux Credentials patch is being done,
inode_permission could completely cease to exist, completely
replaced by the credentials structure.

Each filesystem having its own cache is one reason why the Linux
Credentials patch is being brought into life: so a single cache can
store all the needed information for the OS and for the file system.
Even better, it can operate on filesystems lacking all the needed permission
structs, using a userspace program to fill in some of the blanks.

LSMs in Credentials can have their own protected data sets, since all
alterations to Credentials by the user space daemon have to go past the
LSM for approval or rejection. Linux Credentials only needs an extra
protected zone added to cover your LIM needs and AV needs to store
data.

In simple terms, permissions stored in inodes are basically deprecated
by Linux's Credentials patch.

Sorting out the Credentials patch is kinda key. Nothing you AV or
Integrity people do is strange to the Linux Credentials patch. Without
embracing it, pulling data from a common cache that has already been AV
or Integrity scanned and maintained in that state requires more
processing. Now it's really about designing the struct that should exist
in Credentials.

Peter Dolding
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
