Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

[Andi Kleen]

> CIPSO is supported on SELinux as well.

That's no reason to extend that design mistake.

> It certainly has uses where IPSec  
> is excessive. One example is someone I talked to recently that basically 
> has a set of blade systems connected with a high speed backplane that 
> looks like a network interface. CIPSO is useful in this case because 
> they can't afford the overhead of IPSec but need to transfer the level 
> of the connection to the other machines. The backplane is a trusted 
> network and that isn't a dangerous assumption in this case.

If one of the boxes gets broken in all are compromised this way? 

> CIPSO also lets systems like SELinux and SMACK talk to other trusted 
> systems (eg., trusted solaris) in a way they understand. 

Perhaps, but is the result secure? I have severe doubts.

> I don't  
> regularly support CIPSO as I believe IPSec labeling is more useful in 
> more situations but that doesn't mean CIPSO is never useful.

Security that isn't secure is not really useful. You might as well not
bother.

-Andi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/