On Wed, Oct 02, 2002 at 07:39:40PM +0100, Christoph Hellwig wrote:
> > It seems to me that you're arguing both sides here - first you say that
> > a full code audit is needed so you know 'WTF is going on', and then you're
> > saying that it's impossible to know.
>
> The person who performs the audit can know it. But how often will that be
> the author of the LSM module?

We've said on this list a few times that it is important for security
module authors to understand the implications of their decisions.
Deciding to not mediate module parameters is a valid decision. Deciding
to mediate module parameters is a valid decision. One requires very
little thought and sidesteps the matter entirely. The other requires
quite a bit of thought and is difficult to get right -- but that is not
a problem for LSM, per se; it is for the authors of security modules.
--
http://immunix.org/