From: Casey Schaufler (caseyat_private)
Date: Wed Nov 07 2001 - 17:49:20 PST

  • Next message: jmjonesat_private: "Re: SNARE"

    jmjonesat_private wrote:
    > Thanks.  Their project claims to handle such things as audit and C2, but I
    > have no personal knowlege one way or the other.
    > The claim alone may justify LSM as another project, provided LSM doesn't
    > preclude their project.
    > I'm glad they are proceding in an LSM+Kernel method.
    I think you are reading the message optomistically. (Damn! I Wish I
    Could Spell!) I don't see that at all. I see that they looked
    at it once, and hope it has evolved to meet their needs, but that
    they are not is a position to say one way or the other.
    > I believe LSM inclusion is a "done deal",
    I do not share that view.
    > with some concerns about the impact of
    > excessively opinionated individuals.
    Now now, let's not cast oil on the waters. Especially with all
    these burning matches!
    > I hope that the "core members" will
    > respond to kernel developer questions, and "back door" the rest of us, for
    > advice and opinion.
    The Cabal seems to have a separate channel for communication.
    Truth be told, I think they're in the process of wrapping things
    up off line, and will present their conclusions to the rabble on
    their own schedule.
    > Our solution is much too invasive to propose to the kernel community as an
    > "official inclusion", (unless we get good numbers, like 50% or more
    > application) but, then again, we're addressing a very specific
    > set of needs (without excluding other needs.)  We simply want a Linux that
    > is secure for our Customers.  Access-Restrictive may actually be secure,
    > but audit filtered through AI makes us more comfortable sleeping at night.
    Yes, well, we're not dead yet.
    > We're admins (Consumers (Customers in the way I understood Greg K-H to
    > exclude)) of Linux.
    Exclusion is a bad idea. Inclusion. Solutions for everyone!
    Casey Schaufler				Manager, Trust Technology, SGI
    caseyat_private				voice: 650.933.1634
    casey_pat_private			Pager: 888.220.0607
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed Nov 07 2001 - 17:52:46 PST