On Thu, 23 Aug 2001, richard offer wrote: > I do not believe that we (LSM) can assume that there will be a phase 2. We > should definetely not plan for one. While we (SGI) will do a phase 2 (we > still need those darned FD's for POSIX compliance), that's not to say the > rest of the LSM project will provide ongoing support for Casey's Evil Plan > for World Domination :-) I don't know if I agree with the "dubious nature" of a Phase 2 or not. LSM is something fairly new, and very often the first pass reveals a slew of things that can be done better with a second pass at it. I do agree that planning one out now isn't a particularly useful concept... if we can envision something that will "definitely be needed in phase 2", we probably should accomodate it now... then let phase 2 design itself based on the experience gained from phase 1. Even give some consideration to possibly providing some minor architectural support for the known "extras" that we may be expanding upon later, but not bundling it now. I see this as a major advantage of authoritative hooks. > > Shipping something small which we know is flawed for some policies just to > be able to say we've shipped something small is optimising on the wrong > parameter. Well, there's the concept of a "loss leader"... get your foot in the door and then go back in and "telescope." Shipping something with known flaws, though, just so you can charge $90 for the fix and call it an "upgrade" later on puts me in mind of a large company I won't name... and is never a good idea, imho. Eventually, it catches up with you. Best foot in the door first. First and foremost, LSM should work to enhance linux security, foster experimentation and competition among different product strategies, and be as "truely general" as is possible without getting "out in the weeds"... optimize the size/cost issue as the second variable. > richard. > > ----------------------------------------------------------------------- > Richard Offer Technical Lead, Trust Technology, SGI > "Specialization is for insects" > _______________________________________________________________________ J. Melvin Jones |>------------------------------------------------------ || J. MELVIN JONES jmjonesat_private |>------------------------------------------------------ || Microcomputer Systems Consultant || Software Developer || Web Site Design, Hosting, and Administration || Network and Systems Administration |>------------------------------------------------------ || http://www.jmjones.com/ |>------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Aug 23 2001 - 10:49:03 PDT