* frm gregat_private "07/19/01 09:08:58 -0700" | sed '1,$s/^/* /' * * On Wed, Jul 18, 2001 at 06:58:18PM -0700, Crispin Cowan wrote: *> *> Your private e-mail seemed to mis-understand the SubDomain security *> model. Yes, the absolute path name is the be-al and end-all that we *> need. What you outlined is an appropriate model for an ACL (access *> control list) model, but SubDomain is the dual of that. * * I'm not going to continue the SubDomain specific discussion on this * list, as it's off-topic. Unless its really esoteric, I believe that we would all benefit from continued public discussion. We all have our own favorite security implementations, what I think we're short of is in-depth understanding of other policies that our outside our immediate area. As such, when presented with new requirements for a policy, its takes a while for the rest of us to see why those requirements are really needed, rather than simply being seen as gratutious changes. SubDomain and Audit are not simmilar at all, but they both want to use the supplied pathname, that indicates to me that for whatever reason, the absolute pathname question cannot be dismissed off-hand. If the further discussion is felt to be off-topic for this list, can it at least be taken to lsm-discussionat_private rather than held privately. * * greg k-h richard. ----------------------------------------------------------------------- Richard Offer Technical Lead, Trust Technology, SGI "Specialization is for insects" _______________________________________________________________________ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 19 2001 - 09:34:29 PDT