Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

[Lars Marowsky-Bree]

On 2006-04-24T13:42:31, Alan Cox <alan@xxxxxxxxxxxxxxxxxxx> wrote:

> > That is about the dumbest argument I've heard so far, sorry. 
> Its the conclusion of most security experts I know that broken security
> is worse than no security at all. 

That would be the case of a security model the admin doesn't understand,
either because it is too complex (SELinux) or because it is too simple
as to invite sloppishness (AA), according to which side you ask. Hard
call.


Sincerely,
    Lars Marowsky-Brée

-- 
High Availability & Clustering
SUSE Labs, Research and Development
SUSE LINUX Products GmbH - A Novell Business	 -- Charles Darwin
"Ignorance more frequently begets confidence than does knowledge"

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/