Authoritative Hooks

From: Crispin Cowan (crispinat_private)
Date: Mon Nov 05 2001 - 11:13:33 PST

  • Next message: Casey Schaufler: "Re: Authoritative Hooks"

    I'm afraid that the authoritative hooks patch is not going to be 
    accepted into LSM prior to its initial submission to the kernel 
    developers. After careful consideration, none of the LSM committers are 
    comfortable with accepting this patch at this time.
    As has been noted previously, the authoritative hooks patch raises at 
    least the following concerns:
       1. It is more invasive.
       2. It increases the likelihood that modules can accidentally
          undermine the base logic.
       3. It increases the likelihood that the LSM patch will introduce an
          error into the base kernel.
    It is our belief that these changes do not belong in the initial version 
    of LSM (especially given our limited charter and original goals), and 
    should be proposed as incremental refinements after LSM has been 
    initially accepted. These changes pose a risk to the initial acceptance 
    of LSM, which could jeopardize the existing open source security modules 
    that have no need of these changes.
    The arguments here are similar to those against moving all of the kernel 
    access control logic from the base kernel into the security modules in 
    the initial LSM. While this may be a worthy long term goal, it is not a 
    practical first step for LSM, and after careful consideration, it seems 
    that neither are authoritative hooks. We must walk before we can run.
    We appreciate SGI's participation in LSM and hope that they will 
    continue to participate despite this setback. It is our belief that the 
    current LSM will provide a meaningful improvement in the security 
    infrastructure of the Linux kernel, and that there is plenty of room for 
    future expansion of LSM in subsequent phases. We look forward to 
    continuing to work with SGI as long as they are willing to do so.
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc.
    Security Hardened Linux Distribution:
    Available for purchase:
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Nov 05 2001 - 11:14:52 PST