Re: File descriptors: LSM should support them in phase 1.

From: Crispin Cowan (crispinat_private)
Date: Wed Jul 25 2001 - 18:01:38 PDT


    Casey Schaufler wrote:
    
    > "KRAMER,STEVEN (HP-USA,ex1)" wrote:
    > > On the one hand, they are told to
    > > not pollute phase 1 with audit and wait for phase 2, and on the other
    > > hand they are being told that phase 2 is nowhere near a certainty.
    >
    > Well, we ARE doing an audit implementation, that's not an uncertainty.
    
    Granted.  I support that.  I will help.  But I can't assure acceptance by
    Linus.  The Phase 1/2 plan is an attempt to improve the odds.
    
    
    > The question is if LSM will be sufficient for it. If it isn't, we're
    > back to square one, with multiple conflicting implementations of
    > security facilities competing for approval for inclusion in the official
    > tree. We don't want that. It's reasonably clear that conflicts need to
    > be resolved to mutual dissatisfaction within LSM before we can stand
    > united before the larger community.
    >
    > The larger community is going to hit us with both barrels. It's been
    > that way since I started putting these features into U2X back in 1987.
    > We have to be strong and together, or we're toast, lightly spread with
    > peach compote.
    
    Outstanding!  We appear to be on the same page :-)
    
    
    > > Does anyone know the chances of a phase 2?
    > We will do it, if audit isn't in Phase 1. We have to, our market
    > (honking big compute boxes, etc) depends on it. It's the reason we're
    > here. Working together to make Linux better.
    
    I recommend "audit lite" in Phase 1, disguised as access control features.
    The fd discussion is an ideal example.  To get a feature that audit wants
    into phase 1, justify it with an access control reason for it to be
    there.  That will fly a lot better if the access control justification
    comes in the form of a useful, working module than in the form of a
    paragraph of rationalizing.
    
    Crispin
    
    --
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    
    
    



    This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 18:22:11 PDT