Authoritative Hooks

• Previous message: richard offer: "Re: Proposed documentation patch to security.h"
• Next in thread: Casey Schaufler: "Re: Authoritative Hooks"
• Reply: Casey Schaufler: "Re: Authoritative Hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm afraid that the authoritative hooks patch is not going to be 
accepted into LSM prior to its initial submission to the kernel 
developers. After careful consideration, none of the LSM committers are 
comfortable with accepting this patch at this time.
As has been noted previously, the authoritative hooks patch raises at 
least the following concerns:

   1. It is more invasive.
   2. It increases the likelihood that modules can accidentally
      undermine the base logic.
   3. It increases the likelihood that the LSM patch will introduce an
      error into the base kernel.

It is our belief that these changes do not belong in the initial version 
of LSM (especially given our limited charter and original goals), and 
should be proposed as incremental refinements after LSM has been 
initially accepted. These changes pose a risk to the initial acceptance 
of LSM, which could jeopardize the existing open source security modules 
that have no need of these changes.

The arguments here are similar to those against moving all of the kernel 
access control logic from the base kernel into the security modules in 
the initial LSM. While this may be a worthy long term goal, it is not a 
practical first step for LSM, and after careful consideration, it seems 
that neither are authoritative hooks. We must walk before we can run.

We appreciate SGI's participation in LSM and hope that they will 
continue to participate despite this setback. It is our belief that the 
current LSM will provide a meaningful improvement in the security 
infrastructure of the Linux kernel, and that there is plenty of room for 
future expansion of LSM in subsequent phases. We look forward to 
continuing to work with SGI as long as they are willing to do so.

Crispin

-- 
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution:       http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html



_______________________________________________
linux-security-module mailing list
linux-security-module@wirex.com
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Casey Schaufler: "Re: Authoritative Hooks"
• Previous message: richard offer: "Re: Proposed documentation patch to security.h"
• Next in thread: Casey Schaufler: "Re: Authoritative Hooks"
• Reply: Casey Schaufler: "Re: Authoritative Hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Nov 05 2001 - 11:14:52 PST