Re: 2.6.11-rc3-mm2

[Jack O'Quin]

[direct reply bounced, resending via gmail]

Andrew Morton <akpm@xxxxxxxx> writes:

> Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:
> >
> > On Thu, Feb 10, 2005 at 02:35:08AM -0800, Andrew Morton wrote:
> > > 
> > > 
> > > ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.11-rc3/2.6.11-rc3-mm2/
> > > 
> > > 
> > > - Added the mlock and !SCHED_OTHER Linux Security Module for the audio guys.
> > >   It seems that nothing else is going to come along and this is completely
> > >   encapsulated.
> > 
> > Even if we accept a module that grants capabilities to groups this
> > isn't fine yet because it only supports two specific capabilities
> > (and even those two in different ways!) instead of adding generic
> > support to bind capabilities to groups.
> 
> I'm sure that got discussed somewhere in the 1000 emails which flew past
> last time.  Jack?

[adding cc: for the main discussion participants]

Most people felt that a more general capabilities module would be nice
to have.  But, no one offered any code, or volunteered to work on it.

I have no objection to that approach, but am not willing or able to do
it myself.  My opinion is that expanding the scope of the LSM would
significantly increase its security risk.  That job needs to be done
very carefully, by someone with a deep understanding of the kernel's
internal use of capabilities.

Perhaps, Christoph's suggestion could become part of a more general
module, which might replace the RT-LSM in the 2.8 timeframe.  Our LSM
is a modest solution aimed at solving the immediate needs of audio
developers and users with minimal impact on kernel security or
correctness.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/