Re: [RFC][PATCH 2/3] SLIM

From: Tim Fraser (tfraser@private)
Date: Wed Nov 30 2005 - 09:17:11 PST


sds> Hmmm...well, now I'm confused.  I thought that you (and others) were
sds> arguing that low water mark offers a higher degree of compatibility with
sds> traditional Unix than SELinux/TE, but here you seem to disavow such a
sds> claim, and don't respond to my specific examples of how the automatic
sds> demotion of low water mark is just as problematic for compatibility as a
sds> fixed label model.

No, I'm not here to make that argument today.  I'm just here to
suggest that, if you want to demonstrate the generality of FLASK or
LSM, then SLIM deserves consideration because it implements one of the
few approaches not already covered by SELinux.

Presumably Low Water-Mark is an approach you considered and rejected
when you began work on SELinux.  I respect your decision, even though
I happen to think that Low Water-Mark has its uses.  I don't want to
try to change your mind.  I would, however, like to point out that it
is likely that *any* security module that is significantly different
from SELinux is apt to be based on an approach that you once
considered and rejected.  If the LSM interface is to have an
additional interesting example module that is not simply a
reimplementation of something SELinux already does quite well, then it
seems likely to me that the example will have to be drawn from
the pile of approaches you personally would have rejected.  Some
implementation of Low Water-Mark seems to deserve consideration ---
even though you are not fond of it, both Dr. Safford and I have found
it useful in our work at different times and places.


- Tim Fraser


