Casey Schaufler wrote: >Kurt Seifried wrote: > >>Otherwise what is the point of having LSM at all if we start allowing apps >>full system access (i.e. root access as is currently implemented on most >>stock unix systems)? >> >As I'm already a heretic (Bring Back Bumper 3!) I can suggest >a solution. Enforce policy on a per-task basis. Assign a "sure, >go ahead" policy to the installation process. > ... and Casey invents the SubDomain model :-) Also the TRON and Janus model. Yes, as I've been flogging the deceased equine, permission to install is a policy issue, to be determined by your favorite policy, in its own idomatic way. LSM exists precisely because of a lack of consensus on what the One True Policy Model should be. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html The Olympic Games: A Century of Corruption and Graft The FIS: Crushing the soul of snowboarding _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Jan 28 2002 - 10:20:35 PST