Re: Kernel Security Extensions USENIX BOF Summary

• Previous message: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• In reply to: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Emily Ratliff: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 03, 2001 at 02:02:23PM -0700, Crispin Cowan wrote:
> The threat model under consideration is kernel developers who either
> optimize away a hook they don't understand, or add some new functionality
> (e.g. a new way to open files) without adding appropriate hooks.  Following
> some discussion, we concluded that there is no cure for this threat except
> dilligence.

Does this mean the consensus reached at the BoF was that a regression
test program wouldn't be worth the time it takes to write one? I tend to
think asking Linus and Alan to run './lsm-nothing-obviously-broken-tester'
before making new point releases would be a useful thing.

But if you guys hashed it all out, I'm fine going with your decision. :)

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• Previous message: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• In reply to: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Emily Ratliff: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 14:48:20 PDT