Christoph Hellwig wrote:
>you don't get tru security by adding hooks. security needs a careful
>design and more strict access control policy can but don't have to be part
>of that design.
>
LSM does have a careful design. The design goal was to permit loadable
kernel modules to mediate access to critical kernel objects by user
level processes. By providing such a facility, LSM enables arbitrary
security policies and policy management engines to be implemented as
loadable modules. This solves the "make one size fit all" problem of
diverse interests lobbying Linus to adopt one security model or another
as the Linux standard. The LSM design saves Linus from having to make
such a choice by allowing end-users to make their own choice, meeting a
goal stated by Linus nearly two years ago.
>The real problem is adding mess to the kernel.
>
Christoph's problem is likely that he doesn't like the design. Fair
enough, can't please everyone, but a lot of effort went into that
design. I also suspect that Christoph does not approve of Linus' design
goal either, but he's never said that when I was looking.
Crispin
-- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Just say ".Nyet"
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Feb 15 2003 - 22:00:24 EST