Valdis.Kletnieksat_private wrote: > On Tue, 31 Jul 2001 19:12:20 PDT, Crispin Cowan said: > > [moving kernel's DAC logic to a module is hopeless] > > Is it something that we should at least get onto people's radar as a possible > thing for a 2.7 kernel project? I suspect much of it is intertwined due to > "just grew" software dynamics. I agree that it "just grew." That's what makes it hard to reverse. > 1) Would it be worth the effort for *somebody* to unsnarl/streamline it? I don't think so, but I can't stop people from trying. I believe that such an effort is doomed: * It will be a huge amount of work. * It won't work: it will induce waay too many bugs to manage. * It will never be accepted: even if you can get it debugged, Linus et al won't believe it to be stable enough. > 2) Should the "somebody" be "us" as part of a 'stage 2' effort? Here I'm more vehement: No, I'd really rather that didn't happen. If we put this into the stage 2 plans (or even propse a "stage 3") and the main kernel people hear about it, they're likely to be so horrified that stage 1 may get stonewalled. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 20:26:28 PDT