Re: Making forward progress

• Previous message: Stephen Smalley: "Re: Making forward progress"
• In reply to: Crispin Cowan: "Re: Making forward progress"
• Next in thread: Crispin Cowan: "Re: Making forward progress"
• Next in thread: Stephen Smalley: "Re: Making forward progress"
• Next in thread: Valdis.Kletnieksat_private: "Re: Making forward progress"
• Next in thread: David Wheeler: "RE: Making forward progress"
• Reply: Crispin Cowan: "Re: Making forward progress"
• Reply: Seth Arnold: "Re: Making forward progress"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 6 Aug 2001, Crispin Cowan wrote:

> richard offer wrote:
> 
> > * frm crispinat_private "08/06/01 10:43:46 -0700" | sed '1,$s/^/* /'
> > * I think Richard Offer had it right when he suggested thinking about
> > * DAC-out for Linux 3.0.
> >
> > I was being facetious.
> 
> Oh :-(
> 
> 
> > I still believe its the right thing to do now, that doesn't mean I think it
> > will be done.
> 
> I think it would be the right thing to do if this were Linux 0.6, and we were
> designing the security implementation for a new kernel.  I agree that it is
> the right design.  My main objection is that it is not the design used for
> Linux, and an attempt to impose this design on the existing code will succeed
> about as well as an organ transplant to a human from a turnip.

We're in the 0.x versions of LSM.  LSM is the "new security paradigm" for
linux, is we succeed.  We're changing things.  If you don't want to change
things, drop out now... things are GOING to change.  It's inevitable. 

I agree, things have gone wrong, but LSM can fix this, and it can do it
WITHOUT breaking other strategies toward security.  I admin being naive... 
in essence, I saw LSM as being a "branch" in the forward development of
Linux that might allow security where there previously was none. 

My mistake?  
J. Melvin Jones


> 
> But if you step out to the 3.0 time frame, and start lobbying for it in the
> main linux kernel community shortly after LSM has been accepted and is a great
> success :-) then it might have a chance of finding an audience.

Okay, an argument for "future development being appropriate, current not
being"... more info?

>
> Crispin
> 
> --
> Crispin Cowan, Ph.D.
> Chief Scientist, WireX Communications, Inc. http://wirex.com
> Security Hardened Linux Distribution:       http://immunix.org
> Available for purchase: http://wirex.com/Products/Immunix/purchase.html
> 
> 
> _______________________________________________
> linux-security-module mailing list
> linux-security-moduleat_private
> http://mail.wirex.com/mailman/listinfo/linux-security-module
> 


_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: richard offer: "Re: Problems with some of the current hooks"
• Previous message: Stephen Smalley: "Re: Making forward progress"
• In reply to: Crispin Cowan: "Re: Making forward progress"
• Next in thread: Crispin Cowan: "Re: Making forward progress"
• Next in thread: Stephen Smalley: "Re: Making forward progress"
• Next in thread: Valdis.Kletnieksat_private: "Re: Making forward progress"
• Next in thread: David Wheeler: "RE: Making forward progress"
• Reply: Crispin Cowan: "Re: Making forward progress"
• Reply: Seth Arnold: "Re: Making forward progress"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 11:21:41 PDT