'Christoph Hellwig' wrote:

> And here we see _the_ problem with the LSM process.

I personally don't agree with the subject line, as I don't believe that anything "went wrong" with LSM. True, it's not what I want, but then my contribution wasn't what it needed to be to make it such, either. I often disagreed with the directions, and was sometimes surprised, but that kind of thing happens in a large group environment. My sage wisdom was considered more often than not, even if it was discarded unused from time to time.

I've been retrofitting security policy into U2X systems since the 1980's, first Orange Book and now Common Criteria, and it's HARD. LSM is a fine first whack. No one should despair that it fails to meet a particular need exactly, or that those meany maintainers won't accept your hook without seeing the code that uses it. Alan Cox described the Linux development process as climbing over a fence with everyone's hands in each other's pockets, and I think that describes LSM pretty well.

Advanced security features are unpopular, and all evidence points to them remaining so. We, as a development community, have yet to convince the great insecure masses that they want to see audit trails, user clearances, and time of day controls in "their" kernels. Heck, we have yet to convince each other!

But buck up, I fully expect we'll do better next round, and better the time after that, as well. LSM isn't finished because Linux isn't finished and as a group we security developers are a tenacious (stubborn? pig headed maybe?) lot.

--
Casey Schaufler
Manager, Trust Technology, SGI
caseyat_private voice: 650.933.1634
casey_pat_private Pager: 877.557.3184

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

This archive was generated by hypermail 2b30 : Wed Feb 12 2003 - 17:57:37 PST