Re: [RFC] 2.4.11-pre4 patch

• Previous message: jmjonesat_private: "Re: [RFC] 2.4.11-pre4 patch"
• In reply to: Greg KH: "Re: [RFC] 2.4.11-pre4 patch"
• Next in thread: Seth Arnold: "Re: [RFC] 2.4.11-pre4 patch"
• Next in thread: jmjonesat_private: "Re: [RFC] 2.4.11-pre4 patch"
• Reply: Seth Arnold: "Re: [RFC] 2.4.11-pre4 patch"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Greg KH wrote:

 >On Fri, Oct 05, 2001 at 08:05:13PM -0400, jmjonesat_private wrote:
 >
 >>>The MAC/DAC ordering seems to be resolved (i.e. WireX hasn't complained,
 >>>and they were the only ones that seemed to mind in the first place.)
 >>>
 >>Totally outside the specifics of this hook... WHEN?!?!
 >>
 >>Please respond with references to the the appropriate posts to this list
 >>that "decided" that.  Personally, I'd like to review them.  You may be
 >>right, but some of us missed those references.
 >>
 >No one has said anything about this in quite some time, so I guessed
 >that the parties that didn't like the current situation have either
 >learned to like it, or have been asleep. :)
 >
That is inaccurate.  SGI complained about the MAC/DAC order way back
when (several months ago now).  WireX wanted the status quo (DAC first,
short-circuited). Then WireX proposed that authoritative hooks might
simultaneously solve several problems, including the MAC/DAC order
question. SGI has been silent on the MAC/DAC order question precisely
because we were considering the authoritative hooks instead.

To refresh everyone's memory, here is the notes from the August LSM BoF
http://mail.wirex.com/pipermail/linux-security-module/2001-August/001663.html 

in which we all agreed that authoritative hooks was the right approach,
if SGI could satisfy several questions. They've been working towards it
ever since. Pity Greg wasn't at the BoF, as all the other major
participants were.

Re: the next BoF. Rumor has it that there will be a DARPA CHATS meeting
co-located with NDSS 02, February 6-8, San Diego. This makes it a good
place for the next LSM BoF, marking several firsts:

     * first on the west coast
     * first in the winter
     * first in nearly six months :-)

Crispin

-- 
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html




_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Seth Arnold: "Re: [RFC] 2.4.11-pre4 patch"
• Previous message: jmjonesat_private: "Re: [RFC] 2.4.11-pre4 patch"
• In reply to: Greg KH: "Re: [RFC] 2.4.11-pre4 patch"
• Next in thread: Seth Arnold: "Re: [RFC] 2.4.11-pre4 patch"
• Next in thread: jmjonesat_private: "Re: [RFC] 2.4.11-pre4 patch"
• Reply: Seth Arnold: "Re: [RFC] 2.4.11-pre4 patch"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Oct 05 2001 - 18:11:34 PDT