Hello.

Regarding LSM infrastructure in Linux kernels, we are getting close to running multiple LSM modules in parallel. At Linux Security Summit (2012/8/31), we had a discussion and a demonstration by Casey Schaufler (who is the author of SMACK) on running multiple LSM modules in parallel, and the attendees agreed to proceed in that direction. Since September, Casey has been posting patches for making it possible, and we are now discussing version 6 of the patches. (Version 6 of the patches seems to be too large to be archived by the ML.)

Along with changes to run multiple LSM modules in parallel, I'm proposing to legally allow LKM-based LSM modules, which was possible until Linux 2.6.23. If an LKM is evil, that module will be able to not only hijack the LSM infrastructure but also do whatever that module wants to do. Therefore, I think that the choice of disallowing LKM-based LSM modules caused more trouble than it solved.
http://marc.info/?l=linux-security-module&m=135230137022310&w=2

Please see "[tomoyo-users-en 220] AKARI 1.0 released." ( http://sourceforge.jp/projects/tomoyo/lists/archive/users-en/2010-October/000219.html ) for history.

I have been thinking since before this discussion that "Label based access control alone is not sufficient. Name based access control alone is not sufficient. It is important that we can run both in parallel and therefore LSM needs to be changed to allow running multiple LSM modules in parallel", and now we are getting closer to it. My proposal for "allowing runtime loading of LKM-based LSM module which implements only what users need" might also come true (not sure, but so far no objections).

Below are updates on "[tomoyo-users-en 418] Various news regarding TOMOYO Linux" ( http://sourceforge.jp/projects/tomoyo/lists/archive/users-en/2011-November/000417.html ).
The output of the drastic overhaul explained at the bottom of the news was released as CaitSith, and I introduced CaitSith at this year's LinuxCon North America and Linux Security Summit.

Development of TOMOYO/AKARI/CaitSith has become slow because I have been maintaining these using only leisure hours since this April. Please wait restfully like ARIA's world (where AKARI and CaitSith are living). Of course, feedback is welcome.

While I'm providing a TOMOYO 1.7 binary packages repository for the x86_32 architecture, TOMOYO 1.7 supports only kernels up to 2.6.37. Many distributions using 2.6.37 and earlier kernels have reached end of life, and there are quite few downloads from the TOMOYO 1.7 binary packages repository. Therefore, I think it may be time to discontinue the TOMOYO 1.7 binary packages repository. If you still need it, please let me know by the end of this month.

Below are the latest tarballs.

  ccs-patch-1.8.3-20121111.tar.gz       MD5: 77772512cf915c3aeb30a9800aa74bf8
  akari-1.0.29-20121104.tar.gz          MD5: 0000c715b3d97355529cdd01b0d6c666
  caitsith-patch-0.1-20121101.tar.gz    MD5: 2222bdd8dab49994d919699cdd69a610