Re: [PATCH 00/58] LSM: Module stacking for AppArmor

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: John Johansen <john.johansen@xxxxxxxxxxxxx>
Subject: Re: [PATCH 00/58] LSM: Module stacking for AppArmor
From: James Morris <jmorris@xxxxxxxxx>
Date: Thu, 6 Jun 2019 08:28:30 +1000 (AEST)
Cc: Stephen Smalley <sds@xxxxxxxxxxxxx>, Casey Schaufler <casey@xxxxxxxxxxxxxxxx>, casey.schaufler@xxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, selinux@xxxxxxxxxxxxxxx, keescook@xxxxxxxxxxxx, penguin-kernel@xxxxxxxxxxxxxxxxxxx, paul@xxxxxxxxxxxxxx
In-reply-to: <c27ef338-e8fc-cf60-41ed-3d74352add3d@canonical.com>
References: <20190602165101.25079-1-casey@schaufler-ca.com> <f71388e9-a4c5-8935-137b-8eb50be7f833@tycho.nsa.gov> <42fcfaf2-43a9-642e-2e19-282087c3cdb2@canonical.com> <alpine.LRH.2.21.1906051305370.17052@namei.org> <d86c6f89-39c5-bcf6-6491-96963d1113d3@canonical.com> <alpine.LRH.2.21.1906060653060.20895@namei.org> <c27ef338-e8fc-cf60-41ed-3d74352add3d@canonical.com>
User-agent: Alpine 2.21 (LRH 202 2017-01-01)

On Wed, 5 Jun 2019, John Johansen wrote:

> This does rely on apparmor doing its own namespacing and bounding. LSM
> stacking just allows us to start doing this with apparmor containers
> on smack and selinux based systems.

Ahh, ok, I thought you were using an LSM stack for each container.

-- 
James Morris
<jmorris@xxxxxxxxx>

References:
- [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: Casey Schaufler
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: Stephen Smalley
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: John Johansen
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: James Morris
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: John Johansen
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: James Morris
- Re: [PATCH 00/58] LSM: Module stacking for AppArmor
  - From: John Johansen

Prev by Date: Re: [PATCH 00/58] LSM: Module stacking for AppArmor
Next by Date: Re: [RFC PATCH 6/9] x86/sgx: Require userspace to provide allowed prots to ADD_PAGES
Previous by thread: Re: [PATCH 00/58] LSM: Module stacking for AppArmor
Next by thread: [RFC PATCH 0/9] security: x86/sgx: SGX vs. LSM
Index(es):
- Date
- Thread

[Index of Archives] [Selinux Refpolicy] [Linux SGX] [Fedora Users] [Fedora Desktop] [Yosemite Photos] [Yosemite Camping] [Yosemite Campsites] [KDE Users] [Gnome Users]