Re: linux-security-module digest, Vol 1 #175 - 9 msgs

From: David Wagner (dawat_private)
Date: Mon Jul 23 2001 - 12:40:04 PDT

  • Next message: jmjonesat_private: "Re: Patch Acceptance Procedure"

    David Wheeler wrote:
    >If solutions are equal & one would
    >be better for covert channels (if that were to be supported later),
    >by all means choose the more flexible
    >approach.  I do _NOT_ think inhibiting covert channels is
    >anywhere near as important as flexible access rights & auditing.
    
    Right.  Thanks.  That's a much better formulation of the point
    I was trying to get across: I'm not convinced that covert channels
    should not be the deciding factor in choosing the order of in-kernel
    and hook-based checks, if there are other factors as well, because I'm
    not convinced that the payoff is large enough.  Other than that, I'm
    pretty agnostic about the order of the checks, and about whether
    someone else wants to write modules that inhibit covert channels.
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 12:46:28 PDT