Re: security_task_getsecid() and subjective vs objective task creds

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Feb 18, 2021 at 4:40 PM Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote:
> On 2/18/2021 11:34 AM, Paul Moore wrote:

...

> > How do we want to fix this?  The obvious fix is to change the SELinux,
> > AppArmor, and Smack security_task_getsecid() implementations to return
> > the subjective security ID (->cred), and likely make a note in
> > lsm_hooks.h,
>
> That would be my choice.

As I've dug into this more, it does look like that is closest to being
correct, but there are still a few callers where it looks like the
objective creds are needed.  I think the correct thing to do is
convert the existing hook to use the subjective creds and add a
"_subj" at the end, while also creating a new
security_task_getsecid_obj() hook to return the objective cred and
updating those few callers that need it.

I'll see about making the associated changes to the Smack and AppArmor
code too, but that will obviously need some heavy review by you and
John.

--
paul moore
www.paul-moore.com



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux