On Fri, 18 Oct 2002 17:18, Christoph Hellwig wrote: > > The part you're missing here is that the "fuzzy buzzword mechanism" is > > deployable *NOW*, and will provide *real benefits* *NOW*, rather than > > having to wait for the 2.7 or 3.1 or whatever kernel. > > By messing up the kernel. Note that I don't want to steal you your > code - deploy it if you want, but don't harm the mainline kernel with it. So how does it harm the mainline kernel to have a system call reserved for LSM and then not allow anything in the mainline kernel that uses it? Then we can deploy modules using the current LSM design without harming the mainline kernel. The only code that we really want to see in the mainline kernel is the hooks for permission checks. Personally I would not mind if no security module ever gets included in Linus' source tree. Disclaimer: This message is my own opinion, even if I was part of "team LSM" I would not be representing them in this issue. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Oct 18 2002 - 09:31:24 PDT