On Tue, May 22, 2001 at 05:15:22PM -0400, jmjonesat_private wrote: > Kernel calls it's registered function, module has a function there that > may or may not call the "subordinate" registered function, if it decides > that access is allowed. Pass down the chain. This is one possible policy. Another possible policy would deny actions only if *all* modules return failure -- allowing the action happens if one or more of the modules assents. (Though it sounds far more open than the other style, I think it may be more in line with capabilities systems' approach -- if there is a handle to an action or object, it is possible to perform that action or modify that object. Both can be made to be very restrictive.) Either policy is legitmate, and both cannot be implemented in the kernel using the "pass down the chain" method; at least not very easily. Mixing the two policies is right out if implemented in the standard kernel. A multiplexor module could do both at once, depending upon the desired modules. I maintain that the kernel should not be in the business of merging security policies. Let the modules deal with it. [Recall that I originally thought much the same as your arguments: I was convinced, sooner or later, to let the issue lie. I don't recall at what point you joined the discussion -- but it might not hurt to read the archives on this matter, if you joined after I made a fuss about it. I'd like to think the same arguments that convinced me could also convince you. :] > DEFINITION: > > Kernel Proper: The Core Kernel without modules. While this may make for easier conversations, I don't think it is quite true. Modules loaded into the kernel have all the abilities to step on toes that the rest of the kernel has. They share address spaces, etc. Perhaps a better term would be something similar to "linus-supplied kernel", "virgin kernel", "stock kernel", "standard kernel", etc. I only bring it up to make the point that once loaded, a module is really no different from the rest of the kernel. It is part of the kernel. I'm hoping we can continue to use the phrases "kernel" to mean that which Linus provides and "module" to mean any LSM-compliant module; yes, it is playing fast and loose with the words but I think we will know the difference in most cases. :) _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue May 22 2001 - 14:41:37 PDT