Re: security patches / lsm
From: Nico Schottelius
Date: Wed Jun 09 2004 - 04:03:45 EST
Sorry for the late answer!
For me it looks like rsbac and grsecurity could get included in 2.6.
It looks like Amon did the work necessary to intergrate it into 2.6.
(have a look at http://www.rsbac.org/).
And grsecurity also works nice with 2.6
(http://www.grsecurity.net/download.php).
Who decides whether to integrate them or not?
Nico
Chris Wright [Thu, Jan 22, 2004 at 03:09:37PM -0800]:
> * Nico Schottelius (nico-kernel@xxxxxxxxxxxxxxx) wrote:
> > What about the LSM framework in the kernel and the arguments at
> > http://www.rsbac.org/lsm.htm
> > http://www.grsecurity.net/lsm.php
>
> It's been fairly functional for something as comprehenseive as SELinux,
> and supports other users as well, LIDS, DTE come to mind. There are
> probably some improvements we could make from a few of the complaints
> from these projects, however they haven't contacted the lsm list in years.
>
> > Are you working together with those maintainers to enable their
> > patches?
>
> No. They've both said they don't want to spend any time on such
> endeavor. I think it would be time well spent, perhaps you'd like to
> help?
>
> thanks,
> -chris
> --
> Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
--
Keep it simple & stupid, use what's available.
Please use pgp encryption: 8D0E 27A4 is my id.
http://nerd-hosting.net | http://nico.schotteli.us
Attachment:
pgp00000.pgp
Description: PGP signature