Re: [RFC] LSM changes for 2.5.38

From: Seth Arnold (sarnoldat_private)
Date: Wed Oct 02 2002 - 15:55:42 PDT

  • Next message: Alan Cox: "Re: [RFC] LSM changes for 2.5.38"

    On Wed, Oct 02, 2002 at 07:39:40PM +0100, Christoph Hellwig wrote:
    > > It seems to me that you're arguing both sides here - first you say that
    > > a full code audit is needed so you know 'WTF is going on', and then you're
    > > saying that it's impossible to know.
    > 
    > The person who performs the audit can know it.  But how often will that be
    > the author of the LSM module? 
    
    We've said on this list a few times that it is important for security
    module authors to understand the implications of their decisions.
    Deciding to not mediate module parameters is a valid decision. Deciding
    to mediate module parameters is a valid decision. One requires very
    little thought and sidesteps the matter entirely. The other requires
    quite a bit of thought and is difficult to get right -- but that is not
    a problem for LSM, per se; it is for the authors of security modules.
    
    
    -- 
    http://immunix.org/
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Wed Oct 02 2002 - 15:56:40 PDT