[cgl_discussion] security review of Performance spec

Cihula, Joseph joseph.cihula at intel.com
Thu Sep 30 11:50:59 PDT 2004


I've looked at the Performance spec from a security point of view and
have the following comments/questions:

Have the real-time performance changes been tested on a system using an
LSM such as SELinux?  It is important that LSM security support not have
to be traded off with performance (requirements or minimums), since the
sacrifice of either would be undesirable.  That is not to say that using
an LSM will have no performance impact but rather that the performance
requirements/minimums should not be so strict as to preclude the use of
a reasonable and well-written LSM.

PRF.33.5 Prioritized protocol processing:
	The requirement should include security-related "guarantees"
that this mechanism will not be abusable by a user process to starve
more critical processes of network packets.

PRF.8.0 Page flushing:
	The description states that this "may have security
implications".  If so (I wasn't able to determine any by reading on
fsync()) then these should be explicitly stated or, better yet,
mitigated.

Joseph Cihula
(Linux) Software Security Architect
Intel Corp.

*** These opinions are not necessarily those of my employer ***
