Hi, Since there are many project which is trying to implementation the MAC in the kernel via difference way, and Linus want to create a gerneral way to support this. I think we can write down what we have done and what will want to do in the future. What is the shortcoming and what is the goodpoint for the current project. For LIDS, altough it is really a development version and do not do as good as so many project, but it is really a pratical tools to ensure the security policy when lacking such tools. But what LIDS do is tatally in the kernel and lacking of some protection of IPC and sockets. If existing such security hocks or security interface for all the security model can be easily implement via the interface, I will be very glad;-). I will like to see all our effort here. On Fri, 13 Apr 2001, Pete Loscocco wrote: > Grant Wagner wrote: > > > ...I believe that [Linus] > > expects us to come up with a thoughtful design that offers a platform for > > strong security built upon the lessons learned from the existing approaches. > > When I briefed the Security-enhanced Linux project at the Kernel > Developers Summit in San Jose, Linus said that he was willing to > entertain the idea of mandatory access control in the kernel. What he > wasn't willing to do was to choose the particular way that security > should be implemented. Instead he is looking for a very general > approach to make security decisions. He suggested that he would be > willing to place security checks throughout the kernel using function > pointers. The security community would then be able to define the > functions to support different models of security and link them in > appropriately. In that way Linux could be used for secure systems but > still be used by those that think the current security model is fine. > > He challanged me, but in effect the security communtiy, to get the > interested security projects together and figure out how to do this in > a way that could satisfy the general case. To really do this right, I > believe that when figuring out how we are going to add the hooks, we > must ensure that they are comprehensive. In addition, it is a definite > requirement that when the current security model is chosen then > the additional performance impact of the security hooks be minimal. > > This will require some careful thought. We must understand the > different security projects and the different security models that they > are trying to implement. We must establish what the checks that need to > be made are and understand the requirements on the interface to the general > security fuctions. If we rush to an implementation before doing this, > the result will likely not be what Linus intended. > > -- > Peter Loscocco > Security-enhanced Linux Project Leader > Information Assurance Research Group > National Security Agency > > _______________________________________________ > linux-security-module mailing list > linux-security-moduleat_private > http://mail.wirex.com/mailman/listinfo/linux-security-module > -- Happy Hacking LIDS secure linux kernel http://www.lids.org/ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Apr 14 2001 - 00:34:00 PDT