--- Stephen Smalley <sds@private> wrote:

> I'm not sure I follow your meaning above ...

The introductory paragraph is used in this case to set the stage for the upcoming argument.

> Feel free to suggest your own, but be ready to provide supporting
> documentation of how it has been analyzed for its ability to
> represent a wide spectrum of security models. Such analysis has
> been done and is available in publicly available reports for SELinux.

I refer you to the message archives for this list. Look up "authoritative hooks".

> ... extending SELinux to support it should be more straightforward
> than having to implement an entirely new security module from
> scratch.

Perhaps. I understand the general notion that it's easier to write in PERL than C. Does that mean the overhead of PERL is worth the cost? I suggest that in many cases it is not.

> > SELinux associates rights and privileges with
> > programs, a paradigm that has its detractors.
>
> Aside from the fact that such detractors are wrong,

Bah! (Waves paw)

> Sorry, a "complete" description of how "in general" one might
> create an "arbitrary" policy? The assumptions force the
> conclusion.

Ah, but such is nonetheless necessary. For LSM the complete, general, and arbitrary description is not only possible, but reasonably straightforward. (No, I do not intend to write it. Had LSM gone with Authoritative hook I'd already have provided it.) LSM does have limitations (e.g. replacing mode bits) but they are readily identified. For SELinux I expect no less if y'all want it to replace LSM as the "general" advanced security interface.

And playing with words doesn't make the issue go away. The fact that the problem is hard does not entitle you to an "easy button".

Casey Schaufler
casey@schaufler-ca.com
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 10:30:40 PDT