Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)

Previous message: David S. Miller: "Re: [PATCH] LSM networking: netlink hooks for 2.5.59 (6/8)"
In reply to: James Morris: "[PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)"
Next in thread: James Morris: "Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)"
Next in thread: David S. Miller: "Re: [PATCH] LSM networking: netlink hooks for 2.5.59 (6/8)"
Reply: James Morris: "Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

davemat_private

No, no, and no.

This stuff will not pass.

There is no way in hell we're going to insert this security crap into
the actual protocol implementations.  I was right in seeing this as a
virus that will eventually infect the whole tree.

None of these security modules should know jack anything about open
requests and other TCP internals.

This stuff is totally unmaintainable garbage.  And I do not want to
hear "well how can we implement xxx which we need for yyy" because it
isn't my problem that you can't figure out a clean way to do this
stuff.

Linus would similarly barf if he was given a patch that added
hooks like "security_ext2_foo()".

I totally reject this networking security stuff for 2.6.x
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module