Re: [PATCH] [request for inclusion] Realtime LSM

From: Andrew Morton
Date: Tue Mar 08 2005 - 15:44:35 EST

Paul Davis <paul@xxxxxxxxxxxxxxxxxxxxx> wrote:
> >And as I mentioned a few times, the authors have neither the inclination
> >nor the ability to do that, because they are not kernel hackers. The
> >realtime LSM was written by users (not developers) of the kernel, to
> >solve a specific real world problem. No one ever claimed it was the
> >correct solution from the kernel POV.
> i would just like to add that its very disappointing that the LSM,
> having been included in the kernel (apparently very much against
> Christoph's and others' advice) turns out to be so useless. from
> outside lkml, LSM appeared to be a mechanism to allow
> non-kernel-developers to create new security policies (perhaps even
> mechanisms) without trying to tackle the entire kernel. instead, we
> are now getting a fix which, while it solves the same problem, has
> required substantive analysis of its effect on the overall kernel, and
> will require continued vigilance to ensure that it doesn't now or
> later cause unintended side effects. LSM appeared to be the "right"
> way to do this in terms of modularity - it is disappointing to find it
> has so little support (close to zero to judge from this debate) on
> LKML despite being present in the kernel.

That, plus the fact that inherited capabilities could also be used here,
except they don't work right. That's a nice, simple and long-standing
kernel feature which I think we should have fixed up before piling in more
security features.

But I've said that often enough. If nobody has a sufficient need for
fixed-up-caps to actually put work into it, nothing happens. And it's a
lot of work, because this is a scary feature.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at