Re: Legitimate Question

• Previous message: Russell Coker: "Re: Legitimate Question"
• In reply to: Kurt Seifried: "Re: Legitimate Question"
• Next in thread: Crispin Cowan: "Re: Legitimate Question"
• Next in thread: Russell Coker: "Re: Legitimate Question"
• Reply: Crispin Cowan: "Re: Legitimate Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Kurt Seifried wrote:

> Otherwise what is the point of having LSM at all if we start allowing apps
> full system access (i.e. root access as is currently implemented on most
> stock unix systems)?

As I'm already a heretic (Bring Back Bumper 3!) I can suggest
a solution. Enforce policy on a per-task basis. Assign a "sure,
go ahead" policy to the installation process.

-- 

Casey Schaufler				Manager, Trust Technology, SGI
caseyat_private				voice: 650.933.1634
casey_pat_private			Pager: 888.220.0607
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Legitimate Question"
• Previous message: Russell Coker: "Re: Legitimate Question"
• In reply to: Kurt Seifried: "Re: Legitimate Question"
• Next in thread: Crispin Cowan: "Re: Legitimate Question"
• Next in thread: Russell Coker: "Re: Legitimate Question"
• Reply: Crispin Cowan: "Re: Legitimate Question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jan 28 2002 - 09:41:32 PST