Re: Kernel Security Extensions USENIX BOF Summary

From: Emily Ratliff (ratliffat_private)
Date: Tue Jul 03 2001 - 15:25:05 PDT

  • Next message: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"

    On Tue, 3 Jul 2001 sarnoldat_private wrote:
    > > The threat model under consideration is kernel developers who either
    > > optimize away a hook they don't understand, or add some new functionality
    > > (e.g. a new way to open files) without adding appropriate hooks.  Following
    > > some discussion, we concluded that there is no cure for this threat except
    > > dilligence.
    > Does this mean the consensus reached at the BoF was that a regression
    > test program wouldn't be worth the time it takes to write one?
    Yes, that was the general consensus. I'm not sure if Steve Kramer was
    convinced, but the general feeling was that it was doable, but not
    necessarily worth doing - it might be a good thing if hooks that weren't
    being actively used died out.
    
    Emily
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 15:25:24 PDT