Linux Security Modules

Linux Security Modules (LSM) is a framework allowing the Linux kernel to support, without bias, a variety of computer security models. LSM is licensed under the terms of the GNU General Public License and is a standard part of the Linux kernel since Linux 2.6. AppArmor, SELinux, Smack, and TOMOYO Linux are the currently approved security modules in the official kernel.

Design

LSM was designed in order to answer all the requirements for successfully implementing a mandatory access control module, while imposing the fewest possible changes to the Linux kernel. LSM avoids the approach of system call interposition used by Systrace because it doesn't scale to multiprocessor kernels and is subject to TOCTTOU (race) attacks. Instead, LSM inserts "hooks" (upcalls to the module) at every point in the kernel where a user-level system call is about to result in an access to an important internal kernel object like inodes and task control blocks.

LSM is narrowly scoped to solve the problem of access control, while not imposing a large and complex change-patch on the mainstream kernel. It isn't intended to be a general "hook" or "upcall" mechanism, nor does it support operating system-level virtualization.

LSM's access-control goal is very closely related to the problem of system auditing, but is subtly different. Auditing requires that every attempt at access be recorded. LSM cannot deliver this, because it would require a great many more hooks in order to detect cases where the kernel "short circuits" failing system calls and returns an error code before getting near significant objects.

The LSM design is described in the paper "Linux Security Modules: General Security Support for the Linux Kernel", presented at USENIX Security 2002. At the same conference was the paper "Using CQUAL for Static Analysis of Authorization Hook Placement", which studied automatic static analysis of the kernel code to verify that all of the necessary hooks have actually been inserted into the Linux kernel.

Adoption

AppArmor
SELinux
Smack
TOMOYO
Landlock

History

At the 2001 Linux Kernel Summit, the NSA proposed that SELinux be included in Linux 2.5. Linus Torvalds rejected SELinux at that time, because he observed that there are many different security projects in development, and since they all differ, the security community has not yet formed consensus on the ultimate security model. Instead, Linus charged the security community to "make it a module".

In response, Crispin Cowan proposed LSM: an interface for the Linux kernel that provides sufficient "hooks" (upcalls) from within the Linux kernel to a loadable module so as to allow the module to enforce mandatory access controls. Development of LSM over the next two years was conducted by the LSM community, including substantial contributions from the Immunix Corporation, the NSA, McAfee, IBM, Silicon Graphics, and many independent contributors. LSM was ultimately accepted into the Linux kernel mainstream and was included as a standard part of Linux 2.6 in December 2003.

In 2006, some kernel developers observed that SELinux was the only widely used LSM module included in the mainstream Linux kernel source tree. If there is to be only one widely used LSM module, it was reasoned, then the indirection of LSM is unnecessary, and LSM should be removed and replaced with SELinux itself. However, there are other LSM modules maintained outside of the mainstream kernel tree (AppArmor, Linux Intrusion Detection System, FireFlier, CIPSO, Multi ADM, etc.), so this argument led to two results: 1. developers of these modules started putting effort into upstreaming their respective modules, and 2. at the 2006 Kernel Summit, Linus once again asserted that LSM would stay because he does not want to arbitrate which is the best security model.

LSM is likely to remain since additional security modules Smack (version 2.6.25), TOMOYO Linux (version 2.6.30, June 2009) and AppArmor (version 2.6.36) were accepted in the mainline kernel.

References

1. "Linux Security Modules: General Security Support for the Linux Kernel". 2002. Retrieved 2007-02-03.
2. "11th USENIX Security Symposium". 2002. Retrieved 2007-02-03.
3. "Using CQUAL for Static Analysis of Authorization Hook Placement". 2002. Retrieved 2007-02-03.
4. Landlock: unprivileged access control.
5. Stephen Smalley; Timothy Fraser; Chris Vance. "Linux Security Modules: General Security Hooks for Linux". Retrieved 2015-10-26.
6. Crispin Cowan (2001-04-11). "Linux Security Module Interface". linux-kernel mailing list. Retrieved 2007-02-03.

External links

"Source code and project statistics". Archived from the original on 2005-03-07. Retrieved 2006-02-08.
SysAdmin magazine article on BSD Secure Levels
Security Projects based on the Linux kernel

Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.