Re: Kernel Security Extensions USENIX BOF Summary

• Previous message: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• In reply to: sarnoldat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 3 Jul 2001 sarnoldat_private wrote:
> > The threat model under consideration is kernel developers who either
> > optimize away a hook they don't understand, or add some new functionality
> > (e.g. a new way to open files) without adding appropriate hooks.  Following
> > some discussion, we concluded that there is no cure for this threat except
> > dilligence.
> Does this mean the consensus reached at the BoF was that a regression
> test program wouldn't be worth the time it takes to write one?
Yes, that was the general consensus. I'm not sure if Steve Kramer was
convinced, but the general feeling was that it was doable, but not
necessarily worth doing - it might be a good thing if hooks that weren't
being actively used died out.

Emily


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Previous message: Greg KH: "Re: Kernel Security Extensions USENIX BOF Summary"
• In reply to: sarnoldat_private: "Re: Kernel Security Extensions USENIX BOF Summary"
• Next in thread: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Reply: Crispin Cowan: "Re: Kernel Security Extensions USENIX BOF Summary"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 03 2001 - 15:25:24 PDT