Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks

From: Stephen Smalley
Date: Tue Apr 18 2006 - 16:16:15 EST


On Tue, 2006-04-18 at 14:59 -0500, Serge E. Hallyn wrote:
> Quoting Alan Cox (alan@xxxxxxxxxxxxxxxxxxx):
> > On Maw, 2006-04-18 at 09:50 -0700, Gerrit Huizenga wrote:
> > > or are there places where a "less than perfect, easy to use, good enough"
> > > security policy? I believe there is room for both based on the end
> > > users' needs and desires. But that is just my opinion.
> >
> > Poor security systems lead to less security than no security because it
> > lulls people into a false sense of security. Someone who knows their
>
> Not wanting to make any digs one way or another, but because the culture
> right now refuses to admit it I must point out:
>
> So does "security" which is too complicated and therefore ends up
> misconfigured (or disabled).

Not sure who refuses to admit it, but there is plenty of work in
progress to improve SELinux usability. But that doesn't require
crippling the kernel mechanism, nor would that help. Keep in mind as
well that SELinux "complexity" is purely a reflection of complexity in
Linux; SELinux just exposes the existing interactions and provides a way
to control them. The SELinux mechanism itself is fairly simple.

> The posix caps sendmail fiasco is one example.


--
Stephen Smalley
National Security Agency
