Re: New stacker performance results

From: Casey Schaufler (
Date: Wed May 25 2005 - 10:29:57 PDT

--- Stephen Smalley <sds@private> wrote:

> I'm not sure I follow your meaning above ...

The introductory paragraph is used in this case
to set the stage for the upcoming argument.

> Feel free to
> suggest your own, but be ready to provide supporting
> documentation of
> how it has been analyzed for its ability to
> represent a wide spectrum of
> security models.  Such analysis has been done and is
> available in
> publicly available reports for SELinux.

I refer you to the message archives for this list.
Look up "authoritative hooks".

> ... extending
> SELinux to support it should be more straightforward
> than having to
> implement an entirely new security module from
> scratch.

Perhaps. I understand the general notion that
it's easier to write in PERL than C. Does that
mean the overhead of PERL is worth the cost?
I suggest that in many cases it is not.

> > SELinux associates rights and privileges with
> > programs, a paradigm that has its detractors.
> Aside from the fact that such detractors are wrong,

Bah! (Waves paw)

> Sorry, a "complete" description of how "in general"
> one might create an
> "arbitrary" policy?  The assumptions force the
> conclusion.

Ah, but such is nonetheless necessary. For LSM
the complete, general, and arbitrary description
is not only possible, but reasonably straightforward.
(No, I do not intend to write it. Had LSM gone with
Authoritative hook I'd already have provided it.)
LSM does have limitations (e.g. replacing mode bits)
but they are readily identified.

For SELinux I expect no less if y'all want it to
replace LSM as the "general" advanced security

And playing with words doesn't make the issue
go away. The fact that the problem is hard does
not entitle you to an "easy button".

Casey Schaufler


This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 10:30:40 PDT