Re: [TOMOYO #7 30/30] Hooks for SAKURA and TOMOYO.

From: Casey Schaufler
Date: Mon Apr 07 2008 - 18:57:34 EST

Next message: nikosapi: "Re: Suspend on Lenovo 3000 V200 - Linux 2.6.25rc8"
Previous message: Andrew Morton: "Re: [PATCH 1/6] Clocklib: add generic framework for managingclocks."
In reply to: Paul Moore: "Re: [TOMOYO #7 30/30] Hooks for SAKURA and TOMOYO."
Next in thread: Tetsuo Handa: "[TOMOYO #7 19/30] Auditing functions for TOMOYO."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--- Paul Moore <paul.moore@xxxxxx> wrote:

> On Friday 04 April 2008 8:23:12 am Tetsuo Handa wrote:
> > This file contains modifications against kernel source code
> > needed to use TOMOYO Linux 1.6.
> >
> > Although LSM hooks are provided for performing access control,
> > TOMOYO Linux 1.6 doesn't use LSM because of the following reasons.
>
> Hello,
>
> I understand your frustration with the existing LSM hooks/API and your
> reasoning for abandoning LSM in favor of a new set of hooks, however, I
> think this sets a dangerous precedence which could result in an
> abundance of security related hooks scattered throughout the kernel. I
> would much rather see the LSM API extended/tweaked to support the needs
> of SAKURA and TOMOYO than ignored and duplicated; I suspect several
> others will say the same.

The same.

Casey Schaufler
casey@xxxxxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: nikosapi: "Re: Suspend on Lenovo 3000 V200 - Linux 2.6.25rc8"
Previous message: Andrew Morton: "Re: [PATCH 1/6] Clocklib: add generic framework for managingclocks."
In reply to: Paul Moore: "Re: [TOMOYO #7 30/30] Hooks for SAKURA and TOMOYO."
Next in thread: Tetsuo Handa: "[TOMOYO #7 19/30] Auditing functions for TOMOYO."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]