* frm crispinat_private "07/31/01 13:46:01 -0700" | sed '1,$s/^/* /'
*
*
* Give up. In for a penny, in for a pound. Since we don't really get
* simple assurance, give up completely on this concept, and start using
* authoritative hooks. This will (apparently) satisfy some needs of
* JMJ, possibly alleviate the MAC/DAC sequence tension between SGI and
* WireX, enable honeypot modules, and perhaps even make some other
* folks happy. The cost is that the security requirements for
* buglessness in LSM modules go waaay up, for *every* module.

Guess which I prefer ? :-)

Loading any kernel module is a privileged operation. "With privilege comes responsibility" (TM).

Giving up is definitely the hardest thing to do, it's going to mean starting from scratch, and then convincing the wider community that the design decision was valid. But as you said, it does remove a number of issues that we haven't yet found a solution for.

*
* Comments?
*
* Crispin

richard.

-----------------------------------------------------------------------
Richard Offer Technical Lead, Trust Technology, SGI
"Specialization is for insects"
_______________________________________________________________________