Re: [BK PATCH] LSM changes for 2.5.59

From: Crispin Cowan (crispinat_private)
Date: Sun Feb 09 2003 - 17:39:26 PST


    Christoph Hellwig wrote:
    
    >you don't get true security by adding hooks.  security needs a careful
    >design and more strict access control policy can but don't have to be part
    >of that design.
    >
    LSM does have a careful design. The design goal was to permit loadable 
    kernel modules to mediate access to critical kernel objects by user 
    level processes. By providing such a facility, LSM enables arbitrary 
    security policies and policy management engines to be implemented as 
    loadable modules. This solves the "make one size fit all" problem of 
    diverse interests lobbying Linus to adopt one security model or another 
    as the Linux standard. The LSM design saves Linus from having to make 
    such a choice by allowing end-users to make their own choice, meeting a 
    goal stated by Linus nearly two years ago.
    
    >The real problem is adding mess to the kernel.
    >
    Christoph's problem is likely that he doesn't like the design. Fair 
    enough, can't please everyone, but a lot of effort went into that 
    design. I also suspect that Christoph does not approve of Linus' design 
    goal either, but he's never said that when I was looking.
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX                      http://wirex.com/~crispin/
    Security Hardened Linux Distribution:       http://immunix.org
    			    Just say ".Nyet"
    
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module


