Mark Hahn wrote: > can all this LSM nonsese be CONFIG'ed out of the kernel as promised? Yes. CONFIG_SECURITY=n makes it all go away. But if your mind isn't completely closed on the topic, you might want to read some of the following published papers before concluding that it is nonsense: 1) The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments, available online from http://www.nsa.gov/selinux/inevit-abs.html. 2) The published papers about SELinux from the 2001 FREENIX and 2001 OLS, available online from http://www.nsa.gov/selinux/docs.html. 3) The published papers about LSM from the 2002 Usenix Security and 2002 OLS, available online from http://lsm.immunix.org/lsm_doc.html. -- Stephen Smalley, NSA sdsat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Feb 05 2003 - 08:55:18 PST