On Fri, 3 Aug 2001, Crispin Cowan wrote: > Ted Ts'o agreed to be the gateway dude for LSM. I've sent him a query asking about > the "move all DAC logic to a module" question. But I only did it an hour ago, so I > don't know how long before we get a response. Any word yet one way or another? I'm concerned, a bit, for the following reasons: 1) the more patches/work that get done within the "restrictive_only" model, the more work have to do here to convert from "restrictive_only" to authoritative. 2) the suggestion that somebody was going to be asked to provide a more definitive answer stopped, again, the arguments for authoritative hooks and DAC->module migration, and work is still progressing on a vector that increases the distance between the current result and the proposed result. 3) If there HAS been no response, it would suggest either A) Ted is unavailable to comment right now or B) there is no strong desire to clarify (perhaps because Ted doesn't want it and Linus might, both are waiting for this question to play out, or, possibly, C) either or both are hoping we'll preserve a good argument AGAINST acceptance of LSM. If the option is A: Let's come up with a good, clear, deterministic question for Linus and ASK him. If the option is B: Let's forget the "Linus said" argument and argue it out to a consensus only on it's merits. If the option is C: Let's just "do the right thing" and hope for the best. If the option is "NONE OF THE ABOVE": I volunteer to propose an un-weighted, answerable question, to both Ted and Linus, after submitting this query to the list for approval. > > Crispin > > -- > Crispin Cowan, Ph.D. > Chief Scientist, WireX Communications, Inc. http://wirex.com > Security Hardened Linux Distribution: http://immunix.org > Available for purchase: http://wirex.com/Products/Immunix/purchase.html > Sincerely, J. Melvin Jones |>------------------------------------------------------ || J. MELVIN JONES jmjonesat_private |>------------------------------------------------------ || Microcomputer Systems Consultant || Software Developer || Web Site Design, Hosting, and Administration || Network and Systems Administration |>------------------------------------------------------ || http://www.jmjones.com/ |>------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 09:57:35 PDT