Stephen Smalley wrote: >>Now, the >>argument has changed. It's been changed to "show us an access control need >>is there", and SGI immediately returns with "POSIX ACLs". >>POSIX ACLs are certainly a good example, once agreed upon as the defacto ACL >>standard by a number of major companies. >> >I think that this has always been a requirement for LSM. > True, it has always been an LSM requirement for a feature request that a module exist (at least nascently) that needs the feature. So this is not a new requirement, and is not even special to the authoritative question; it applies to all feature requests. >>However, there was consensus in >>the summer to let SGI come up with the auth patch and, if it didn't >>introduce a large degree of complexity, to let it go into BK. What ever >>happened to that? Are we now retreating to the earlier disagreement before >>the compromise was made? >> >At least two key contributors to LSM weren't present at that BOF - Greg >K-H and James Morris, both of whom have actually gotten code into the >mainstream kernel. And we know that Greg has never agreed to >authoritative hooks. > As a point of order, James Morris was not a committer at the time of the BoF. By my records, James has been an active contributor to LSM since 6/29, but wasn't made a committer until approx. 9/4, approximately two weeks after the BoF. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Oct 31 2001 - 09:17:48 PST