Casey Schaufler wrote: >The shear cleverness of the capability+restrictive scheme >is I believe its undoing. You can use it to totally circumvent >the security architecure of the system. While it is fun to >play with this sort of thing, I would never suggest using it >for production code. So you're worried that bugs in your hooks might cause huge security holes, is that the idea? I agree -- from a software engineering point of view, any time you're authoratively replacing the kernel's logic, it's dangerous. But doesn't the same argument apply to authorative hooks? (Maybe with not quite as much force; is that your point?) Maybe I didn't understand exactly the argument you are making or exactly what your concern is -- could you spell it out in a bit more detail? _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Nov 09 2001 - 16:48:06 PST