> -----Original Message----- > From: linux-security-module-bounces@private [mailto:linux-security-module- > bounces@private] On Behalf Of Casey Schaufler > Sent: Wednesday, May 25, 2005 9:01 PM > To: linux-security-module@private > Subject: Re: New stacker performance results > > > --- James Morris <jmorris@private> wrote: > > On Wed, 25 May 2005, Crispin Cowan wrote: > > > > > What constitutes "inappropriate" here? > > > > In my view, LSM should be used for significantly > > enhancing access control > > systems. > > > > See: > > > http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/0300.html > > >From that message: > > > One of the reasons I would put forward for this > > is that it can be dangerous to allow the user to > > arbitrarily compose security modules. > > Not to throw gasoline on the fire (Oh jiminies, > why not) but this is exactly what SELinux claims > as it's primary value, that the end user can > script her very own security policy. > Composing security modules - i.e. security mechanisms - is vastly different than configuring a single, coherent security mechanism with a security policy. In the first case the semantics are difficult if not impossible to determine. In the latter the semantics are well defined. Karl --- Karl MacMillan Tresys Technology http://www.tresys.com (410) 290-1411 ext 134 > Yes, it would be dangerous. That's why the > LSM hooks are restrictive, not authoritative. > > > > Casey Schaufler > casey@schaufler-ca.com > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com
This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 19:11:22 PDT