Re: Making forward progress

From: Crispin Cowan (crispinat_private)
Date: Mon Aug 06 2001 - 11:37:36 PDT

  • Next message: Crispin Cowan: "Re: Making forward progress"

    jmjonesat_private wrote:
    > On Mon, 6 Aug 2001, Crispin Cowan wrote:
    > > > 1) make hooks authoritative,
    > > Not yet.  I'm still waiting to hear whether the promised advantages are
    > > real or not.  In particular, I want to know whether Smalley's style of
    > > authoritative hooks (DAC-in, DAC-first, send DAC result to module as a
    > > parameter, and let the module make the final decision) actually improves
    > > SGI's situation.  Richard?
    > Riddle me this: how are they NOT real?  They allow me to build a module
    > that does things differently than the 6 or 7 pre-existing security
    > projects, but don't inhibit ANY of them from doing what they desire:
    > proving that they can't grant permission when another model (even
    > in-kernel) denies.
    The "old" benefits (can do more hypothetical stuff) we're aware of, but decided
    weren't worth the cost (benefits of simple assurance).  The "new" benefits are that
    they may ease the tension between the DAC-firs people and the MAC-first people.  That
    is the key.
    > > > 2) DON'T buy-in the DAC-OUT yet, but keep an open mind,
    > >
    > > Sorry, my mind is close on this issue :-)
    > I'm very sorry to hear this.  I've always advocated you as having an open
    > mind, and I don't think there's clear, irrefutable proof to the contrary,
    > at this point.
    "open minded" means not judging issues you don't yet have evidence for.  We (WireX)
    considered it, and gathered tons of evidence that DAC-out is an impractical idea.
    Others who went and looked seemed to come to similar conclusions.  I'm tired of
    discussing it.  It has no chance of ever succeeding, so we're wasting our time
    considering it.
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc.
    Security Hardened Linux Distribution:
    Available for purchase:
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 11:38:52 PDT