David A. Wheeler wrote: > Stephen Smalley asked: > > Do you really want to encourage proliferation of ad-hoc special purpose > > LSMs? > > Yes, I think it's a good idea, but perhaps > my mental model of "typical stacking use" is very > different from yours. Me too. I have in mind several special-purpose LSM's. They would be field composable because I would design them to be composable. With Stacker, I could at least try to make them composable with SELinux (although SELinux makes that difficult). Without Stacker, I have no choice but to implement my own stacking protocol and that would effectively exclude SELinux from the stack. I know I originally advocated the "stack it yourself" protocol, but I'm quite impressed with the Stacker work, and it has changed my mind. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ Director of Software Engineering, Novell http://novell.com
This archive was generated by hypermail 2.1.3 : Thu Jun 30 2005 - 09:16:32 PDT