On 7/16/2019 9:14 AM, Steve Grubb wrote:
On Tuesday, July 16, 2019 12:00:05 PM EDT Casey Schaufler wrote:
>
> Unless there's an objection I will use this format with
> a slight modification. Smack allows commas in labels, so
> using a bare comma can lead to ambiguity.
>
> lsms=smack,apparmor subj="TS/Alpha,Beta","a"
Oops! '/' isn't allowed in a Smack label. How embarrassing is that?
>
> It's more code change than some of the other options,
> but if it has the best chance of working with user space
> I'm game.
Quoting has a specific meaning in audit fields. So, we really shouldn't do
that. We can simply pick another field delimiter. I really don't care which it
is as long as it's illegal for use in a label. For example, we use
#define AUDIT_KEY_SEPARATOR 0x01
to separate key fields. We can pick almost anything. (exclamation mark,
semicolon, hash, plus symbol, tilde, 0x02, whatever) But it will need to be
documented and put into the API so that everyone is aware of the convention.
Unless there's objection I'll document and use '/',
lsms=selinux,apparmor subj=a:b:c:d/a
If there is objection without alternative presented I'll use 0x02,
because no one (I hope) is going to allow that in their label, and
keys have set precedence for unprintable characters.
-Steve
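
Added example, not part of the thread and not kernel or audit userspace code: a small parser that pairs each name in lsms= with its label in subj=, showing why a bare comma is ambiguous once a Smack label contains one and how a separator that is illegal in labels ('/' or 0x02, as proposed above) resolves it. The names pair_subj, split and struct lsm_subj, the size limits, and the sample values are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#define MAX_LSMS 8
#define MAX_LEN  128

struct lsm_subj { char lsm[MAX_LEN]; char label[MAX_LEN]; };

/* Split src on sep into out[]. Returns the field count, or -1 when there
 * are more than max fields or a field does not fit in MAX_LEN. */
static int split(const char *src, char sep, char out[][MAX_LEN], int max)
{
    int n = 0;
    for (;;) {
        const char *end = strchr(src, sep);
        size_t len = end ? (size_t)(end - src) : strlen(src);
        if (n == max || len >= MAX_LEN)
            return -1;
        memcpy(out[n], src, len);
        out[n][len] = '\0';
        n++;
        if (!end)
            return n;
        src = end + 1;
    }
}

/* Pair the Nth LSM name (comma separated) with the Nth label (separated by
 * subj_sep). Returns the pair count, or -1 when the counts differ, which is
 * the symptom of a label that contains the separator. */
int pair_subj(const char *lsms, const char *subj, char subj_sep,
              struct lsm_subj *out)
{
    char names[MAX_LSMS][MAX_LEN], labels[MAX_LSMS][MAX_LEN];
    int nn = split(lsms, ',', names, MAX_LSMS);
    int nl = split(subj, subj_sep, labels, MAX_LSMS);
    if (nn < 0 || nl < 0 || nn != nl)
        return -1;
    for (int i = 0; i < nn; i++) {
        strcpy(out[i].lsm, names[i]);
        strcpy(out[i].label, labels[i]);
    }
    return nn;
}

int main(void)
{
    struct lsm_subj p[MAX_LSMS];
    /* Constructed values: Smack label "Alpha,Beta", AppArmor label "a". */
    printf("comma: %d\n", pair_subj("smack,apparmor", "Alpha,Beta,a", ',', p));
    printf("slash: %d\n", pair_subj("smack,apparmor", "Alpha,Beta/a", '/', p));
    return 0;
}
```

A count mismatch only catches the ambiguous case when it changes the number of fields, so the reliable fix remains a separator that no LSM accepts in a label.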