"Titus D. Winters" wrote:
> Still, it's the only way that we can get done what we need. I'm fairly
> reserved to the fact that it isn't going to be accepted this way (I was
> actually fairly surprised when initially it was said that supporting
> honeypots would be something we should shoot for),

What I actually said was that I guessed the weird need was for honeypots, and that honeypots is a legitimate security goal, which is a bit different from "LSM should shoot for it."

An absolute requirement for LSM is "Linus will accept it." That means that the LSM patch has to be parsimonious (as small as possible) and Linus has to perceive a broad need for the supported functionality (note his rejection of Solar's non-executable stack patch).

Now, I see the value of honeypots as a research tool, and the Honeynet Project http://project.honeynet.org/ in particular seems to be gathering valuable data. However, I disbelieve that honeypots are an important thing to deploy widely. I think it's a bad idea to deploy a honeypot on a production network that you're actually trying to protect.

LSM is all about enabling the wide deployment of security enhancements: things that lots of people will want to use. LSM lowers the "barrier to entry" by allowing a module to load into a stock kernel, rather than having to manually patch & build a kernel, which may be too much for some busy/clueless people to bother with.

A honeypot is a VERY dangerous thing, something that only an experienced security guru should undertake advisedly, and with a commitment to lots of monitoring effort. It seems to me that such people won't mind dealing with a kernel source patch: it is only a small fraction of the amount of work they are signing up for.

So, if honeypots can make use of LSM, that's great. But I don't believe we should enlarge or complicate the LSM patch to support honeypots, because the widely-deployed cost:benefit ratio isn't there. We have not discussed this particular issue before.

What do other people think?

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Jun 23 2001 - 11:48:41 PDT