jmjonesat_private: > > Has anybody written a paper, or a list, or a set of notes that respond to > the following question, yet? > > " > Since secure-systems are a minority of installed systems, and the LSM code > works exceptionally well with a common-patch, why should this patch enter > into the "official" code tree for Linux and not simply track it as a > shared resource for secure-system developers, developed outside the 'stock > kernel' tree? > " > > Risking My Unpopularity > To Ask a Question Early, > That Will CERTAINLY Be Asked Eventually, > Hopefully to get some REALLY GOOD REASONS (RGR's), > J. Melvin Jones > > P.S. -- I'm an easily beaten "gat-fly". :) How about: One reason secure systems are a minority is that the administrators and users are not aware that higher levels of security are even possible. In many cases, they may hear of "trusted computing" or perhaps even "orange book B1" (or the new buzphrase "trustworty computing"). But without an example of one it is impossible to determine if such a beast would be usefull. Much less learn how to use it. Once an implementation (or in our case, hooks) become standard, it becomes much easier to add a module, configure it, and evaluate the result. This breeds understanding. Understanding of multiple security models will expand the range of security awareness, and lead to more secure systems being implemented and actually used. There will need to be a lot of documentation and "how to" texts written, but that will come with/when knowlegeable administrators try them out, and ask questions. It also will expand the confidence of some administrators just knowing that if it DID become necessary/mandatory, it is possible to increase the security level of the system. In some environments it is already mandated to have more security than that defined as "C2", but it isn't being done just because "it isn't standard" or "it's too expensive" (the usual answer I get :). Several medical databases are/have been implemented on multiple servers, with disjoint data bases/networks simply because there are so few systems that CAN be made more secure. This introduces errors (and expesive hardware duplication) becuase data must be entered two or more times, once for each database. ------------------------------------------------------------------------- Jesse I Pollard, II Email: pollardat_private Any opinions expressed are solely my own. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Mar 22 2002 - 13:37:12 PST