Re: Authoritative Hooks

From: Casey Schaufler (caseyat_private)
Date: Mon Nov 05 2001 - 16:58:27 PST

  • Next message: Casey Schaufler: "Re: Authoritative Hooks"

    Greg KH wrote:
    > On Mon, Nov 05, 2001 at 05:21:34PM -0500, Valdis.Kletnieksat_private wrote:
    > >
    > > "So what you're saying is that the Linux world isn't serious about security?"
    > Audit, and ACLs do not make up all of "security" :)
    This is true. They are an important part of the existing
    Trusted Systems offerings, however. Without them, it's easy
    to say "Linux isn't as good as <other_system_name>", as
    every proprietary system has them.
    > No, what the LSM group decided was to not support audit or ACLs right
    > now (and I haven't seen an ACL patch yet, to really verify this.)  What
    > they did decided to do is support the most minimal security patch they
    > could at first cut, which happens to support quite a number of different
    > security models.
    Not, however, to meet the industry standard C2 or B1 feature sets.
    I know, I know, there are 632 reasons why C2/B1 is irrelevent to
    "real" security. That doesn't help when the customer asks the
    question. Is LSM really worth presenting if it can't even support C2?
    > The fact that 4 lines of patch causes a syscall to totally change it's
    > logic model is quite invasive.
    Fair enough, altough I tend to give y'all more credit than that.
    > Huh?  If you want to have your own patch, you can do whatever you want
    > and mess up the base logic.  That's up to you.  I don't understand your
    > argument here.
    The argument is that if the LSM group changes the logic the
    odds are much better that it will be done right than if I have
    one of my minions do it, and if the LSM group does it
    	I don't need to do a patch.
    > "A lot" so far == 2.  And no one has really proven the second one (ACLs).
    If you look at the code we put out on
    you ought to be convinced.
    > How many projects work with the current patch?  A bunch.  How many will
    > work if we don't get any LSM patch in?  None :)
    For my money, I have as much (or more) work ahead of me with
    the current LSM as I do without it. With authoritative hooks
    all the proposed projects would work. Certainly it would be
    worth a small amount of additional effort to be inclusive.
    Well, y'all have decided not. Like I said before, I'm disappointed. 
    Casey Schaufler				Manager, Trust Technology, SGI
    caseyat_private				voice: 650.933.1634
    casey_pat_private			Pager: 888.220.0607
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Nov 05 2001 - 17:01:44 PST