Quoting James Morris (jmorris@private): > On Wed, 15 Jun 2005, Reiner Sailer wrote: > > > This patch applies against linux-2.6.12-rc6-mm1 and provides the main > > Integrity Measurement Architecture code (LSM-based). > > Why are you still trying to use LSM for this? A long, long time ago, Crispin defined LSM's purpose as: >> Main goal : we have to design a generic framework to be able to use >> better >> security policies than the current ones (DAC and capabilities). > >Sort of. We have to design a generic interface that exports enough >kernel >functionality to allow security developers to go off and create these >better >security policy modules. Since IMA provides support for a new type of security policy, specifically remote system integrity verification, I don't see where LSM shouldn't necessarily be used. I'm also curious about the current kernel development approach: On the one hand, when filesystem auditing was introduced, Christoph asked whether inotify and audit should be merged because they hook some of the same places. Can someone reconcile these points of view for me, please? If Reiner goes ahead and moves the IMA code straight into the kernel, does anyone doubt that he'll be asked to merge it with LSM? I'm not pushing one way or the other - I don't care whether IMA is an LSM or not :) I just don't understand the current climate. thanks, -serge
This archive was generated by hypermail 2.1.3 : Wed Jun 15 2005 - 13:45:15 PDT