[PLUG] [Fwd: Re: SELinux and non-ext[23] file systems]

LeRoy Cressy on Thu, 22 Nov 2001 20:00:11 +0100

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] [Fwd: Re: SELinux and non-ext[23] file systems]

From: LeRoy Cressy <lcressy@telocity.com>

To: Plug <plug@lists.phillylinux.org>

Subject: [PLUG] [Fwd: Re: SELinux and non-ext[23] file systems]

Date: Thu, 22 Nov 2001 13:21:42 -0500

Organization: L & R Associates

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

Iknow that a lot of the group is using the Reiser FS and I reseived this today and I thought that some would be interested. -------- Original Message -------- Subject: Re: SELinux and non-ext[23] file systems Date: Thu, 22 Nov 2001 13:36:39 +0300 From: Hans Reiser <reiser@namesys.com> To: Harald von Fellenberg - Sun Switzerland Zurich - Technology Strategy Office <Harald.Von-Fellenberg@sun.com> CC: sds@tislabs.com, selinux@tycho.nsa.gov,Reiserfs developers mail-list <reiserfs-dev@namesys.com> References: <200111191615.fAJGFHE02817@zurich-mail1.Swiss.Sun.COM> Harald von Fellenberg - Sun Switzerland Zurich - Technology Strategy Office wrote: >IT WORKS ON REISERFS!!! > >Why did you not tell me before ... :-) >I will now invest my brain cycles on making the utils compile under Suse 7.x > >Thanks and regards > >Harald >PS here my patch :-) > >--- setfiles/Makefile.orig Wed Jul 18 22:38:11 2001 >+++ setfiles/Makefile Mon Nov 19 16:19:18 2001 >@@ -9,6 +9,7 @@ > > relabel: $(FILECONTEXTS) setfiles > ./setfiles $(FILECONTEXTS) `mount | awk '/ext2/{print $$3}'` >+ ./setfiles $(FILECONTEXTS) `mount | awk '/reiserfs/{print $$3}'` > touch relabel > > install: relabel > >>On Mon, 19 Nov 2001, Harald von Fellenberg - Sun Switzerland Zurich - >> >Technology Strategy Office wrote: > >>>This said, I would like to re-raise the importance of non-ext2 file system >>>support, notably ReiserFS. It has been pointed out before, by Stephen >>> >Smalley, > >>>that this should in principle be easy to integrate (the per-node sec context >>>needs to be stored in a file rather than in an unused field of the on-disk >>> >inode > >>>structure). However, I am not aware of anyone tackling this implementation. >>> >>Only the original SELinux prototype was limited to the ext2 filesystem, >>due to the use of a spare field in the on-disk ext2 inode to store the >>persistent security identifier (PSID). When we transitioned to LSM, we >>extended the persistent label mapping to maintain the inode-to-PSID >>mapping as a regular file because LSM does not provide filesystem-specific >>hooks. Hence, the LSM-based SELinux prototype should be able to use >>ReiserFS, although we haven't tried it. >> >>-- >>Stephen D. Smalley, NAI Labs >>ssmalley@nai.com >> >> >> >> >> >>-- >>You have received this message because you are subscribed to the selinux list. >>If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with >>the words "unsubscribe selinux" without quotes as the message. >> > >********************************************************** > Dr. Harald von Fellenberg > Chief Technologist Global Sales Organisation > Tel: +41 1 908 9230 Sun Microsystems (Schweiz) AG > Fax: +41 1 908 9001 Javastr. 2 > Mobile: +41 79 349 0393 CH-8604 Volketswil > mailto:harald.von-fellenberg@sun.com >********************************************************** > > >-- >You have received this message because you are subscribed to the selinux list. >If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with >the words "unsubscribe selinux" without quotes as the message. > > Please let me know if you need anything from the reiserfs team to assist you in integrating SE Linux and reiserfs. Also, if you are interested in producing anything that might go into our faq, or as a patch on our download page, let me know. If anyone involved in SE Linux is interested in working with us, let me encourage you to view www.namesys.com/v4/v4.html, and feel free to ask us to add new features that make your work easier. Hans -- You have received this message because you are subscribed to the selinux list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ______________________________________________________________________ Philadelphia Linux Users Group - http://www.phillylinux.org Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce General Discussion - http://lists.phillylinux.org/mail/listinfo/plug

Prev by Date: Re: [PLUG] two questions...

Next by Date: Re: [PLUG] two questions...

Previous by thread: Re: [PLUG] IPMASQ (Debian Way)

Next by thread: [PLUG] KDE sound

Index(es):

Date

Thread