jmjonesat_private wrote: > 1) authoritative hooks: YES, NO, CONDITIONAL (how?) Greg KH <gregat_private> wrote: >No. I've already talked about why I feel this way. Please see the archives. So far, no one's shown a way for SGI to meet their needs using restrictive-only hooks. jmjones' desires aren't met either. Clearly, the restrictive-only approach is not helping some -- it's simply TOO restrictive, and the goal of LSM is to be useful to many. Also, some of the original advantages for restrictive-only approaches (to prevent accidental errors & simplify analysis) have turned out to be much weaker than it originally appeared. Since restrictive-only isn't working for some, and it's less helpful than it originally appeared, it's quite appropriate to re-examine this assumption. At the BOF, it was agreed to let SGI develop & propose an authoritative version that would meet their needs. That way, it can be shown (not guessed) how ugly/easy it would be. Let's let SGI develop its proposal, as was agreed to at the BOF. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 06:12:43 PDT