Stephen Smalley wrote: > On Wed, 15 Aug 2001, Crispin Cowan wrote: > > IMHO, the "patch" approach is useless. We might as well revert to > > distributing individual patches for our projects. > Actually, this isn't entirely true. Although our goal is definitely > to gain acceptance into the mainstream kernel (if necessary as a > configuration option), the LSM patch might still be a worthwhile > investment even if it were rejected. Rather than each of us needing > to maintain our own kernel patch, the various security projects could > jointly maintain the LSM patch (thereby reducing the individual burden > on each project). This would allow each of us to spend more time on > our individual security modules. It also fosters exchange of ideas > between the security projects and provides more eyes inspecting the > kernel patch. True enough: so there is some value in a LSM-community patch. In fact, that is how early adopters will (are?) use it: as a floating patch to 2.5, or a back-ported patch to 2.4. But it is a far less desirable outcome than an accepted feature of the mainline Linux kernel. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Aug 15 2001 - 16:12:01 PDT