[Labeled-nfs] Personal Internet-Draft for MAC support in NFSv4

Mon May 5 15:39:15 EDT 2008

Just as a clarification, I didn't release a new version of the document.
These changes alone are not worth bumping the draft version to 01 so I
am waiting for suggestions on the body of the document as well as the
introduction.

Dave

On Mon, 2008-05-05 at 15:26 -0400, Dave Quigley wrote:
> I removed the sections that could possibly be construed as being
> inflammatory. I would appreciate comments on the actual requirements
> portion of the document. It would also be good for us to move this
> discussion to the NFSv4 WG mailing list to people from SUN and Netapp
> can weigh in on this as well.
> 
> Dave
> 
> On Mon, 2008-05-05 at 08:17 -0700, Casey Schaufler wrote:
> > --- Stephen Smalley <sds at tycho.nsa.gov> wrote:
> > 
> > > 
> > > >...
> > > > I suggest that you take these strongly oppinionated statement
> > > > out of this Draft. First, they don't add any value in support of
> > > > the technology you are proposing. Second, they suggest that you
> > > > are making a proposal that ought not to allow such behavior and
> > > > that reduces the generality of your plan. Third, I would be
> > > > seriously disinclined to endorse the proposal, even though I
> > > > see no problems with the actual text, just because you insist
> > > > on dissing many of the implementations that would benefit from
> > > > it.
> > > > 
> > > > I have no problem with you targeting the proposal to SELinux.
> > > > That is your job, after all. Ignore all the other MAC schemes
> > > > if you must, although to be honest that is going to raise its
> > > > own set of political issues at the IETF. But please don't
> > > > turn this into a battlefield within our extraordinarily small
> > > > MAC community, and especially don't do it in front of the
> > > > children^H^H^H^H^H^H^H^HIETF.
> > > 
> > > Hi,
> > > 
> > > I don't think Dave intended the text to limit the applicability of
> > > labeled NFS for other MAC models, and I think we can address your
> > > concerns in the final text.
> > 
> > Thank you. I understand that the intention of the text is to
> > support the value of SELinux.
> > 
> > > However, by way of explanation, as I understand it, we were asked to
> > > include some background and rationale for why MAC support should matter
> > > to the NFSv4 WG, and a key part of that is the fact that MAC is now a
> > > mainstream security feature of general purpose operating systems. I
> > > don't believe that would be true if we had stayed with only the
> > > traditional notions of MAC that were implemented in trusted operating
> > > systems of the past. The flexible MAC model demonstrated in SELinux
> > > along with the SELinux project's advocacy of MAC as a useful feature for
> > > mainstream users played an important role in gaining adoption for MAC in
> > > mainline operating systems.
> > 
> > I personally believe that any model backed by the NSA to the
> > extent SELinux has been backed would have enjoyed similar success
> > in the marketplace. Flexiblity in a MAC model is I think a matter
> > of taste, and while I personally agree with you (Smack is also a
> > flexible MAC model) there are advocates of rigid (think lomac)
> > models, even to the extent that the MLS component of SELinux does
> > not bend particularly well. I've said it before, SELinux has the
> > unquestionable leadership role in MAC systems today. Five years
> > from now, who's to say? If the EU decides that Smack is the way to
> > go it might be kind of embarrassing for the labeled-nfs draft to
> > contain the language that is in it now. Again, I assume that
> > there was no malice in the original text, and appreciate that y'all
> > are willing to put it right.
> > 
> > Thank you.
> > 
> > Casey Schaufler
> > casey at schaufler-ca.com
> 
> _______________________________________________
> Labeled-nfs mailing list
> Labeled-nfs at linux-nfs.org
> http://linux-nfs.org/cgi-bin/mailman/listinfo/labeled-nfs