> LSM was proposed as an enhancement to the existing LKM > (Loadable Kernel > Module) interface. As such, I thought it was implicit, if not > obvious, > that LSM would not change the current licensing practices for LKMs. > Current practice discourages closed source modules, but > permits them if > they do not require modification to the kernel to run, as helpfully > pointed out by Richard Offer in his citation to "Linux Device > Drivers, > 2nd ed, O'Reilly, p12". But LSM adds new infrastructure to the kernel, thereby extending the range of what can be represented by a loadable kernel module. Based on the past example of networking hooks and Greg's feedback from kernel developers about the LSM kernel patch, LSM may be unacceptable unless it can only be used by open source security modules. Greg also indicated that this same kind of restriction is going to be imposed on other kinds of kernel modules (IDE drivers?). > Now, WHY should it be this way? Because security modules are often > large & expensive to maintain. When Linus rejected outright > inclusion of > SELinux into Linux, he cut off security from the large > powerhouse that > is Linux maintenance: security module maintainers are on their own. I doubt that the kernel developers are going to care much about this. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 12:54:44 PDT