Re: permissive vs. restrictive issue and solutions...

From: Crispin Cowan (crispinat_private)
Date: Thu May 31 2001 - 22:52:07 PDT

Chris Wright wrote:

> I guess I prefer the approach in option 2, but perhaps option 3 is more
> likely to be accepted into the kernel.
> Thoughts from the list?  Other options?

Another option we discussed in a meeting this afternoon was "kick capabilities
out".  All of the security modules we (WireX) understand are "restrictive",
and only capabilities is "permissive". If we kick capabilities out of the
picture, LSM gets simpler.

"Kick capabilities out" also comes in two flavors.  One is to leave it in the
kernel, rather than make it an LSM module.  The other is to kick it right out
of Linux, because the POSIX standard has failed, support for Capabilities in
Linux is lame, and we think it sucks anyway :-)  As with some other options,
this may be a hard sell.  But I think it deserves serious consideration.


