Re: Making forward progress

• Previous message: Valdis.Kletnieksat_private: "Re: Making forward progress"
• In reply to: Stephen Smalley: "Making forward progress"
• Next in thread: Stephen Smalley: "Re: Making forward progress"
• Reply: Stephen Smalley: "Re: Making forward progress"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* frm sdsat_private "08/02/01 12:05:02 -0400" | sed '1,$s/^/* /'
*
* 
* We seem to be rehashing old issues without any real justification,
* and this is impeding forward progress on LSM.  Authoritative
* hooks were discussed, implemented, and discarded back in June.
* Moving DAC out of the base kernel was discussed and rejected.
* The ordering of the hooks with respect to DAC has been debated
* endlessly, but the arguments for putting the hooks first seem
* to have been effectively countered on this list.  And the
* "demise of simple assurance" is nothing new, definitely not
* a surprise to me, and presumably not a surprise to anyone
* who is actually implementing a LSM module.  Of course modules
* can modify the structures (and in some cases, this is quite
* desirable and necessary for implementing the desired security
* functionality).  Even without the explicitly passed structures,
* many modules will be inspecting the state of the current task
* (and in some cases changing it).

The fact that the issues keep reappearing indicates that not everyone is
happy with the current proposal. As new evidence appears it is right to
re-evaluate design decisions. Design by Status Quo isn't a valid
methodology.

Shipping something that is flawed and does not have buyin from everyone
just to be able to say we shipped something is going to lead to problems
and is likely to doom the project to failure.

If the LSM isn't useful outside of SELinux/SubDomain/Janus its going to
suffer when it hits the main line.

* 
* I propose that we stay with our previous decisions on
* these issues, and make forward progress on LSM, e.g.:
* 
* 1) Move all hook calls after the DAC logic.

Nope, that doesn't help our MAC policy. That is what we have now, we've
raised our objections to this and there has been discussion on how to
handle it. I don't yet see any consensus.


[snip]

We all agree that we need to move forward, moving forward in the wrong
direction is not moving forward.


* 
* --
* Stephen D. Smalley, NAI Labs


richard.

-----------------------------------------------------------------------
Richard Offer                     Technical Lead, Trust Technology, SGI
"Specialization is for insects"
_______________________________________________________________________


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Stephen Smalley: "Re: Making forward progress"
• Previous message: Valdis.Kletnieksat_private: "Re: Making forward progress"
• In reply to: Stephen Smalley: "Making forward progress"
• Next in thread: Stephen Smalley: "Re: Making forward progress"
• Reply: Stephen Smalley: "Re: Making forward progress"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 11:24:29 PDT