On Fri, 16 Nov 2007, Eric Paris wrote: > On Sat, 2007-11-17 at 08:47 +1100, James Morris wrote: > > On Fri, 16 Nov 2007, Eric Paris wrote: > > > > > On a kernel with CONFIG_SECURITY but without an LSM which implements > > > security_file_mmap it is impossible for an application to mmap addresses > > > lower than mmap_min_addr. > > > > Actually, should we be doing any checking in the dummy module, given that > > it is not done with !CONFIG_SECURITY ? > > I'm not sure I understand the question. We already do a number of > capable type security checks in dummy functions. See dummy_settime() as > just one example. I mean just in this case. If no mmap_min_addr check is done without CONFIG_SECURITY, then perhaps none should be done in the dummy module, i.e. preserving existing behavior. LSM is theoretically supposed to be unnoticable from a behavioral pov unless a non-dummy module is loaded. > > If we have !CONFIG_SECURITY we don't have any security protections (how > could we? we turned them off) so we don't get into dummy hooks. If we > do checks or not in uncompiled code doesn't seem to me to matter. > > Maybe I'm just confused... > > -Eric > -- James Morris <jmorris@xxxxxxxxx> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
