* frm sdsat_private "08/02/01 12:05:02 -0400" | sed '1,$s/^/* /'
*
*
* We seem to be rehashing old issues without any real justification,
* and this is impeding forward progress on LSM. Authoritative
* hooks were discussed, implemented, and discarded back in June.
* Moving DAC out of the base kernel was discussed and rejected.
* The ordering of the hooks with respect to DAC has been debated
* endlessly, but the arguments for putting the hooks first seem
* to have been effectively countered on this list. And the
* "demise of simple assurance" is nothing new, definitely not
* a surprise to me, and presumably not a surprise to anyone
* who is actually implementing a LSM module. Of course modules
* can modify the structures (and in some cases, this is quite
* desirable and necessary for implementing the desired security
* functionality). Even without the explicitly passed structures,
* many modules will be inspecting the state of the current task
* (and in some cases changing it).

The fact that the issues keep reappearing indicates that not everyone
is happy with the current proposal. As new evidence appears it is right
to re-evaluate design decisions. Design by Status Quo isn't a valid
methodology.

Shipping something that is flawed and does not have buy-in from everyone
just to be able to say we shipped something is going to lead to problems
and is likely to doom the project to failure. If the LSM isn't useful
outside of SELinux/SubDomain/Janus it's going to suffer when it hits the
main line.

*
* I propose that we stay with our previous decisions on
* these issues, and make forward progress on LSM, e.g.:
*
* 1) Move all hook calls after the DAC logic.

Nope, that doesn't help our MAC policy. That is what we have now; we've
raised our objections to this and there has been discussion on how to
handle it. I don't yet see any consensus.

[snip]

We all agree that we need to move forward; moving forward in the wrong
direction is not moving forward.

*
* --
* Stephen D. Smalley, NAI Labs

richard.

-----------------------------------------------------------------------
Richard Offer                     Technical Lead, Trust Technology, SGI
"Specialization is for insects"
_______________________________________________________________________

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Aug 02 2001 - 11:24:29 PDT