Re: New stacker performance results

From: Bob Bennett (Robert.Bennett@private)
Date: Wed May 25 2005 - 11:32:06 PDT

On Wed, 2005-05-25 at 10:55, James Morris wrote:
> On Wed, 25 May 2005, Stephen Smalley wrote:
> > - using SELinux as the shared framework and directly integrating them
> > into it so that they can leverage its policy abstractions as well and
> > serve to reinforce the access controls rather than being redundant.
> Given that nobody has come up with an upstream alternative to SELinux 
> since the merging of LSM, this should certainly be considered.
> In fact, there has recently been some discussion about removing LSM
> completely and just using SELinux directly.

To remove LSM completely would be tragic.  LSM, while not perfect,
provides a very nice means to develop an access control implementation
without creating a custom kernel.  After all, isn't _choice_ what Linux
is all about?  The architecture should allow alternative

- Bob Bennett
  Computer Associates
> - James

This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 12:20:02 PDT