Re: [PATCH] remove sys_security

From: Russell Coker (russellat_private)
Date: Fri Oct 18 2002 - 09:30:28 PDT

  • Next message: Christoph Hellwig: "Re: [PATCH] remove sys_security"

    On Fri, 18 Oct 2002 17:18, Christoph Hellwig wrote:
    > > The part you're missing here is that the "fuzzy buzzword mechanism" is
    > > deployable *NOW*, and will provide *real benefits* *NOW*, rather than
    > > having to wait for the 2.7 or 3.1 or whatever kernel.
    >
    > By messing up the kernel.  Note that I don't want to steal you your
    > code - deploy it if you want, but don't harm the mainline kernel with it.
    
    So how does it harm the mainline kernel to have a system call reserved for LSM 
    and then not allow anything in the mainline kernel that uses it?  Then we can 
    deploy modules using the current LSM design without harming the mainline 
    kernel.
    
    The only code that we really want to see in the mainline kernel is the hooks 
    for permission checks.  Personally I would not mind if no security module 
    ever gets included in Linus' source tree.
    
    
    Disclaimer:  This message is my own opinion, even if I was part of "team LSM" 
    I would not be representing them in this issue.
    
    -- 
    http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
    http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
    http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
    http://www.coker.com.au/~russell/  My home page
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Fri Oct 18 2002 - 09:31:24 PDT