Re: Making forward progress

From: richard offer (offerat_private)
Date: Thu Aug 02 2001 - 11:15:44 PDT

  • Next message: Stephen Smalley: "Re: Making forward progress"

    * frm sdsat_private "08/02/01 12:05:02 -0400" | sed '1,$s/^/* /'
    * We seem to be rehashing old issues without any real justification,
    * and this is impeding forward progress on LSM.  Authoritative
    * hooks were discussed, implemented, and discarded back in June.
    * Moving DAC out of the base kernel was discussed and rejected.
    * The ordering of the hooks with respect to DAC has been debated
    * endlessly, but the arguments for putting the hooks first seem
    * to have been effectively countered on this list.  And the
    * "demise of simple assurance" is nothing new, definitely not
    * a surprise to me, and presumably not a surprise to anyone
    * who is actually implementing a LSM module.  Of course modules
    * can modify the structures (and in some cases, this is quite
    * desirable and necessary for implementing the desired security
    * functionality).  Even without the explicitly passed structures,
    * many modules will be inspecting the state of the current task
    * (and in some cases changing it).
    The fact that the issues keep reappearing indicates that not everyone is
    happy with the current proposal. As new evidence appears it is right to
    re-evaluate design decisions. Design by Status Quo isn't a valid
    Shipping something that is flawed and does not have buyin from everyone
    just to be able to say we shipped something is going to lead to problems
    and is likely to doom the project to failure.
    If the LSM isn't useful outside of SELinux/SubDomain/Janus its going to
    suffer when it hits the main line.
    * I propose that we stay with our previous decisions on
    * these issues, and make forward progress on LSM, e.g.:
    * 1) Move all hook calls after the DAC logic.
    Nope, that doesn't help our MAC policy. That is what we have now, we've
    raised our objections to this and there has been discussion on how to
    handle it. I don't yet see any consensus.
    We all agree that we need to move forward, moving forward in the wrong
    direction is not moving forward.
    * --
    * Stephen D. Smalley, NAI Labs
    Richard Offer                     Technical Lead, Trust Technology, SGI
    "Specialization is for insects"
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 11:24:29 PDT