Casey Schaufler wrote: >>I don't think this dire circumstance needs to occur. >> >I don'y buy Stephen's argument at all. >Security is to important to try to put >the brakes on. No, we should not try >to unify on a single model. Even if that >model claims to do everything up to >and including cleaning the bathrooms. > More over, one of the essential principles of security is *simplicity*. Taking a large, general-purpose thing and using it for a specific purpose is not actually a good idea. It is *better* to use a specific tool if you can than to use a Swiss Army knife as your Phillips screwdriver day in and day out. LSM allows you to choose your tool. SELinux is a Swiss Army knife, which is useful, but should not be the only tool in the toolbox. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ Director of Software Engineering, Novell http://novell.com
This archive was generated by hypermail 2.1.3 : Thu Jun 30 2005 - 14:21:47 PDT