On 12/12/2012 9:47 AM, Eric Paris wrote:
> On Wed, Dec 12, 2012 at 12:31 PM, Casey Schaufler
> <casey@xxxxxxxxxxxxxxxx> wrote:
>
>> We can't undo the sins of the past regarding /proc/.../attr.
> Agreed
>
>> With
>> the scheme I'm putting forth you can have a working system with both
>> SELinux and AppArmor if either runtime understands the multiple LSM
>> environment.
> Agreed. (assuming the command line option was configured to present
> the one that doesn't understand)
>
>> If neither understands, at least one will have trouble.
> Agreed. I'm just of the belief the 'trouble' should be 'fails
> completely' rather than 'fails partially' trying to use
> /proc/self/attr...

Configure None as the presented LSM and all legacy userspace will fail.
Trouble for all.

>
>> On a slightly different note, do we need a liblsm with interfaces like:
>>
>> int lsm_presented(char *presented)
>> int lsm_supported(char *lsmname)
>>
>> so you're not reading the files directly?
> If I have new enough userspace to call such functions, do I need them?
> Doesn't seem I need presented. I can always use the selinux.*
> version of attr files. Maybe lsm_supported is slightly useful. We
> don't have to parse /proc/filesystems looking for selinuxfs. I guess
> that'd be faster, but I don't know if others would use it...
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
> the words "unsubscribe selinux" without quotes as the message.
>
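As an added illustration of the check Eric mentions (parsing /proc/filesystems for selinuxfs), here is a C sketch of what a liblsm `lsm_supported()` could do behind the scenes. It is not code from this thread or from any real liblsm; the LSM-name-to-filesystem table and the fixed read buffer are assumptions made for the example.

```c
/* Hypothetical lsm_supported(): report whether an LSM's pseudo-filesystem
 * (e.g. "selinuxfs") is registered, by parsing /proc/filesystems.
 * Each line of that file is "<fsname>" or "nodev\t<fsname>"; block-device
 * filesystems appear as "\t<fsname>" (empty first column). */
#include <stdio.h>
#include <string.h>

/* Return 1 if fsname is listed in the /proc/filesystems-style text buf. */
int fs_listed(const char *buf, const char *fsname)
{
    size_t want = strlen(fsname);
    const char *line = buf;

    while (*line) {
        const char *end = strchr(line, '\n');
        size_t len = end ? (size_t)(end - line) : strlen(line);
        const char *name = line;
        size_t nlen = len;
        const char *tab = memchr(line, '\t', len);

        /* skip the optional "nodev" column and its tab */
        if (tab) {
            name = tab + 1;
            nlen = len - (size_t)(name - line);
        }
        if (nlen == want && memcmp(name, fsname, want) == 0)
            return 1;
        if (!end)
            break;
        line = end + 1;
    }
    return 0;
}

/* Assumed mapping from LSM name to its pseudo-filesystem name. */
static const char *lsm_fs_name(const char *lsmname)
{
    if (strcmp(lsmname, "selinux") == 0) return "selinuxfs";
    if (strcmp(lsmname, "smack") == 0)   return "smackfs";
    return NULL;
}

/* 1 if the LSM's filesystem is registered, 0 if not, -1 on read error. */
int lsm_supported(const char *lsmname)
{
    const char *fs = lsm_fs_name(lsmname);
    char buf[4096];
    size_t n;
    FILE *f;

    if (!fs) return 0;
    f = fopen("/proc/filesystems", "r");
    if (!f) return -1;
    n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    buf[n] = '\0';
    return fs_listed(buf, fs);
}
```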