Christoph Hellwig wrote: >Sorry, but I care for the Linux kernel and think adding this stuff all >over the place will not help us in the long term. In fact I'm pretty sure >that > C2 grade security in a general purpose Operating System is a really >bad idea. LSM is not about C2 grade security; C2 grade security is just one model that people have used LSM to enforce. LSM is being used to support a number of different security models (see, e.g., SubDomain, OwlLSM, etc.). That was exactly why Linus directed this group to build LSM this way. It would be a misconception to think that LSM is somehow tied to Orange Book style security. (If you have a constructive counter-proposal for us that lets us achieve similar security goals but in a way that you would find more attractive, please do tell. But I think this group does take these issues seriously.) _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Feb 05 2003 - 15:38:38 PST