jmjonesat_private wrote:

> Can anybody state (succinctly) the limits of LSM, yet?

Based on a lunch meeting with Ted Ts'o at USENIX, the scoping guideline is:

* Now: sufficient hooks to support access controls.
* Later: try to pitch the mainline kernel group on audit hooks

This 2-stage approach is recommended so as to maximize our chances of making any progress at all. Naturally, any other kind of module that can make do with the hooks LSM provides is welcome to do so, but the guidance is that throwing in lots more hooks than are needed by access controls endangers the acceptability of LSM.

At the same lunch, we briefed Ted on the discussion of how to deal with the "capabilities question": should it be a module or not? Should we move all kernel security logic out to a module or not? Ted agreed with the consensus the LSM list came to a few weeks ago: moving kernel logic out to a module is too intrusive and too risk-prone, so don't do it.

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

This archive was generated by hypermail 2b30 : Thu Jul 05 2001 - 23:58:22 PDT