* Crispin Cowan (crispinat_private) wrote: > > The debate thread > http://mail.wirex.com/pipermail/linux-security-module/2001-September/002017.html > that Greg KH referred to is about whether LSM (security) modules should > ever be permitted to be proprietary. Some feel that all LSM modules > should be OSD-compliant Open Source software, while others feel that LSM > should continue the existing Linux module policy of permitting > proprietary modules only if they do not require changes to the Linux > kernel (which would make them a derived work of the kernel). OK, the above is exactly why i think kernel developers are concerned about the combination of LSM and proprietary binary only modules. LSM _does_ require significant change to the Linux kernel. So now you have a module that is based on major change to kernel. In addition these changes make it possible to easily fundamentally change the behavior of the linux kernel with a binary only proprietary module (this is precisely why there is no interface to change the syscall table). I, like David Wagner noted, would prefer to defer this to the stage where we propose lsm as a part of 2.5, but would not be surprised if this very issue is brought up. -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 16:25:32 PDT