Re: lsm truly "generic" allowing complete choice? Clean? Simple? I don't think so.

Christoph Hellwig (hch@infradead.org)
Wed, 12 Feb 2003 11:41:31 +0000


On Wed, Feb 12, 2003 at 01:58:53AM -0800, LA Walsh wrote:
> > From: Russell Coker
> > linux-kernel mailing list removed from the CC list (again), they've
> > probably heard too much of this discussion already.
> ---
> It was isolation away from the mainline kernel list that allowed
> the current patchwork design. Attempts to clarify the LSM list charter
> which ended up on lkml resulted in movements to silence those
> questioning the emperor's new clothes (or lack thereof). LSM project
> members want their changes in the kernel code *today*. It is appropriate
> to discuss design methodology on the kernel list since design
> methodology discussion was forbidden on lkml as was any interaction
> with the linux community. Quite frankly, the brown-nosing, back-slapping
> politics really put a bitter taste on things that were naively believed
> to be based more on technocracy than making people 'look good' and
> commercial self-interest.

Full agreement here. If the LSM stuff actually was discussed on the
appropinquate list (lkml) we probably wouldn't have much of this mess.

> > If making the DAC code a module slows down non-LSM servers
> > and takes a lot of
> > programmer time to implement, is it a useful effort?

First making it a _module_ is silly. In fact the idea of security
_modules_ is very bad - you need early initialization to have proper
labelling of all objects and subjects in the system.

Having DAC optional by itself sounds like a silly idea, but if it is
a fallout of a generic security model I don't see any reason why we
shouldn't allow it.
