RE: New stacker performance results

From: Karl MacMillan (kmacmillan@private)
Date: Wed May 25 2005 - 21:03:19 PDT


> -----Original Message-----
> From: Crispin Cowan [mailto:crispin@private]
> Sent: Wednesday, May 25, 2005 11:36 PM
> To: Karl MacMillan
> Cc: 'Colin Walters'; 'Stephen Smalley'; linux-security-module@private
> Subject: Re: New stacker performance results
> 
> Karl MacMillan wrote:
> >>The "big" comment is the size
> >>of the module and the size of the set of associated utilities.
> >>
> >Are you saying that the SELinux module has more code than is necessary to
> >implement its feature set? Is the "big" judgment in comparison to something
> >else, e.g. AppArmor? If so, does that size comparison really make sense based
> on
> >what the two modules implement?
> >
> I strongly believe that this is not the place to play "my module is
> better than your module." I brought up the differences only to dispel
> the claim that SELinux is so general that it can subsume all other
> modules. If people stop arguing to remove LSM and replace it with
> SELinux, then I will stop bitching about what I perceive are the
> limitations of SELinux. At least here :)
>

Interesting . . . at no point did I say SELinux was better than anything or,
actually, argue for the removal of LSM.

Anyway, the point of this particular thread is about the generality of SELinux
and how that might influence a theoretical decision about the usefulness of LSM
- so it seems to me that the SELinux comments (both positive and negative) or on
topic.

Karl

---
Karl MacMillan
Tresys Technology
http://www.tresys.com
(410) 290-1411 ext 134
 
> Crispin
> --
> Crispin Cowan, Ph.D.                      http://immunix.com/~crispin/
> Director of Software Engineering, Novell  http://novell.com



This archive was generated by hypermail 2.1.3 : Wed May 25 2005 - 21:03:57 PDT