Re: IMA appraisal master plan?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: IMA appraisal master plan?
From: Mimi Zohar <zohar@xxxxxxxxxxxxxxxxxx>
Date: Tue, 21 Nov 2017 10:53:33 -0500
Cc: Matthew Garrett <mjg59@xxxxxxxxxx>, linux-integrity <linux-integrity@xxxxxxxxxxxxxxx>, linux-security-module <linux-security-module@xxxxxxxxxxxxxxx>, Silviu Vlasceanu <silviu.vlasceanu@xxxxxxxxxx>, "Safford, David (GE Global Research, US)" <david.safford@xxxxxx>, Stephen Smalley <sds@xxxxxxxxxxxxx>
In-reply-to: <e84b74a4-be06-8c15-5bbe-c4e7ee8abe42@huawei.com>

On Tue, 2017-11-21 at 16:25 +0100, Roberto Sassu wrote:

> In the next version of the patch set 'ima: preserve integrity of dynamic
> data', I will introduce the policy low watermark for objects. Instead of
> denying writing of mutable files by processes outside the TCB, IMA will
> allow the operation and demote those files (remove the HMAC).

There has been no consensus for the existing patch set you've posted.
In fact, everyone who has responded said to make it a separate LSM.
Extending the patch set makes no sense.

Mimi

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

References:
- [PATCH V6] EVM: Add support for portable signature format
  - From: Matthew Garrett
- IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: Patrick Ohly
- Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: Matthew Garrett
- Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: Patrick Ohly
- Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: James Morris
- Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: Matthew Garrett
- Re: IMA appraisal master plan? (was: Re: [PATCH V6] EVM: Add support for portable signature format)
  - From: Mimi Zohar
- Re: IMA appraisal master plan?
  - From: Roberto Sassu
- Re: IMA appraisal master plan?
  - From: Mimi Zohar
- Re: IMA appraisal master plan?
  - From: Roberto Sassu
- Re: IMA appraisal master plan?
  - From: James Morris
- Re: IMA appraisal master plan?
  - From: Patrick Ohly
- Re: IMA appraisal master plan?
  - From: Roberto Sassu
- Re: IMA appraisal master plan?
  - From: Mimi Zohar
- Re: IMA appraisal master plan?
  - From: Roberto Sassu

Prev by Date: Re: IMA appraisal master plan?
Next by Date: Re: [PATCH] tpm: Add explicit chip->ops locking for sysfs attributes.
Previous by thread: Re: IMA appraisal master plan?
Next by thread: [PATCH V4] EVM: Allow userland to permit modification of EVM-protected metadata
Index(es):
- Date
- Thread

[Index of Archives] [Linux Kernel] [Linux Kernel Hardening] [Linux NFS] [Linux NILFS] [Linux USB Devel] [Video for Linux] [Linux Audio Users] [Yosemite News] [Linux SCSI]