Menu
▾
▴
Re: [Linux-ima-user] [RFC][PATCH V2][1/1] ima: extending the format of the measurement list
|
From: Mimi Z. <zo...@li...> - 2010-04-29 13:37:06
|
On Tue, 2010-04-27 at 18:49 +0200, Roberto Sassu wrote: > For me, LSM labels can be useful only by accepting these restrictions: > > 1) the target system is running EVM to protect labels against offline attacks; > 2) the system is running SELInux as Mandatory access control (SMACK doesn't have > a reference policy); > 3) the policy enforced is that shipped with the distribution or it is a particular > version of the refpolicy downloaded from Tresys; in this way its digest can be > recognized by the verifier; > 4) the relabeling procedure is executed each time the policy is updated. > > These additional information can give to verifier the possibility to distinguish > between violations and to determine if the integrity of the overall system must be > considered compromised or if the supposed attack involved uncritical components. > For example, if the violation has a subject label like "local_login_t" or "sshd_t", we > can assert that we are in the first case Ok, so this additional information might be useful in some situations, but not all. How about a verbose/long template format option? What else needs to be included? thanks, Mimi |
