Hello, Everyone: I've been using Linux since she was a pup, first as a toy, and now for production systems in a variety of different ways. I'm *NOT* a kernel hacker, as such, but have been building and tweaking systems since i pieced together my own 8080 way back in the 70s. I like the idea of being able to load modules into Linux that will overlay the current security model and protect kernel objects from tampering and grant much finer permissions/privileges to specific processes, but would like to voice the following concerns from the "guys who are gonna have to use this system" end: 1) OVERHEAD OVERHEAD OVERHEAD. One of the great things about Linux is you can still get good performance out of a MIPS Nevada 1.0 or Intel Pentium I 133. 1% may seem reasonable, with Moore's Law working and all, but it can be a real make or break. Please shoot for something more economical than that, or consider ways to optimize the kernel to "enhance away" the performance hit. 2) SIZE. The Kernel is already much too large and heavy for my taste, although I love every little tweak that's been added. Could some of the EXISTING internal functions be moved to a "default module" which would be replaced by an enhanced security module, thereby recovering some of the cost in resource? 3) TRANSPARENCY. I spend a lot of time testing and hardening and kludging security systems at the application level. While it is arguable that providing access to capabilities/ permissions/privileges to userspace programs could introduce more overhead and, possibly, vulnerability, I can actually envision an "aware" program polling for it's permissions and abandoning some of it's OWN internal security checking because it is being provided by an underlying layer, resulting in a recovery of some overhead. If a "general purpose interface" can be devised that would provide meaningful information to userspace programs about their environment, regardless of the specific module, it would be useful "out here in the common lands." I'm fairly new to this list, and, perhaps, I don't fully understand enough of the picture or issues, yet, but, as an "audience member" I'd sure like to see consideration of some of these issues in these early stages. Sincerely, J. Melvin Jones |>------------------------------------------------------ || J. MELVIN JONES jmjonesat_private |>------------------------------------------------------ || Microcomputer Systems Consultant || Software Developer || Web Site Design, Hosting, and Administration || Network and Systems Administration |>------------------------------------------------------ || http://www.jmjones.com/ |>------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sun Apr 15 2001 - 16:58:59 PDT