Linux Security Summit 2012/Abstracts/Handa

From Linux Kernel Security Subsystem


CaitSith - A New Type of Rule Based In-kernel Access Control


Tetsuo Handa, NTT


There have been various attempts at enforcing rule-based access control in the Linux kernel, and many distributions nowadays enable some of the in-tree LSM modules. However, many people still disable these modules because they are too complicated to use. Although the white-listing approach is more popular among security experts than the black-listing approach, the black-listing approach seems to be popular among those who are not security experts. In this presentation, CaitSith, a new type of rule-based access control that mixes the capability model and the ACL model, is proposed. The rules in CaitSith resemble network firewall rules and allow a black-listing approach.

The expected audience is Linux users who disable the in-tree LSM modules, who are seeking a more simplified form of in-kernel access control, or who are developing LSM modules. Attendees will learn why CaitSith was developed and the basic usage of CaitSith.

Tetsuo Handa is the main author of TOMOYO (one of the in-tree LSM modules), AKARI (a loadable kernel module version of TOMOYO) and CaitSith. He was involved in the area of in-kernel access control from April 2003 to March 2012 at NTT DATA CORPORATION, Japan. He has given talks and BoFs at several Linux-related international conferences and at PacSec 2008.