* David Wagner (dawat_private) wrote: > >Right. And I'm saying that *THIS* is the time to at least think about > >defining a new, secure interface. > > Good. I, too, would be truly interested to hear of a solution, if you > find one. By all means, I hope you will study the problem and try out > experimental solutions in your module. > > But, in the meantime, I plead: don't mandate it on the rest of us > module-writers. Remember that the general kernel patches are intended > to be mainstream, proven, non-research code. All the experimental, > research-y policy stuff should go in the policy modules, according to > my interpetation of Linus's mandate for this project, and at the moment, > this new interface surely must belong in that category. > > In other words, research on a new, secure interface appears to be outside > the scope of this mailing list, under my interpretation of its charter. > Providing suggestions of security_ops hooks that would be required to > support such an interface, on the other hand, appears to be directly in > line with the goals of the list, if I can presume to try to guess what > the list owners would say. Well put. The whole purpose of this exercise is to abstract a common set of needs for security modules. We have been largely focusing on existing projects since they clearly have well-researched concrete needs. We are not interested in stiffling creativity, but pushing it into each module's policy domain. We have enough work covering the needs of the existing projects ;-) -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 11:34:56 PDT