* serue@private (serue@private) wrote: > Since IMA provides support for a new type of security policy, > specifically remote system integrity verification, I don't see > where LSM shouldn't necessarily be used. > > I'm also curious about the current kernel development approach: > On the one hand, when filesystem auditing was introduced, Christoph > asked whether inotify and audit should be merged because they hook > some of the same places. Can someone reconcile these points of view > for me, please? If Reiner goes ahead and moves the IMA code straight > into the kernel, does anyone doubt that he'll be asked to merge it > with LSM? The primary purpose of the hooks is access control. Some of them, of course, are helpers to keep labels coherent. IIRC, James objected because the measurement data was simply collected from these hooks.
This archive was generated by hypermail 2.1.3 : Wed Jun 15 2005 - 14:04:24 PDT