Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
From: Stephen Smalley
Date: Wed Apr 19 2006 - 14:30:07 EST
On Wed, 2006-04-19 at 12:57 -0500, Emily Ratliff wrote:
> On 4/19/06, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
> > BTW, since you point to LOMAC as evidence, can you point to an actual
> > user community that uses LOMAC?
> EVM & SLIM are part of IBM's internal supported Linux desktop, so
> there are quite a few users.
Um, ok. Not sure what that means in practice, but good to know you have
actual users.
> And Tim Fraser's and Dave Safford's responses are noted in
> http://marc.theaimsgroup.com/?l=linux-security-module&m=113323166505015&w=2
> http://marc.theaimsgroup.com/?l=linux-security-module&m=113337110408758&w=2
> http://marc.theaimsgroup.com/?l=linux-security-module&m=113234278611701&w=2
But AFAICS they didn't respond to my actual points, whereas I responded
to their points. In the end, their argument seemed to degenerate to
"SLIM should be accepted because it differs from SELinux" or "embrace
diversity for diversity's sake." Not entirely compelling.
> > If such models can demonstrate their viability, then you can ultimately
> > submit a patch to extend SELinux/Flask to support them - I have no
> > problem with that (again, if they can be shown to be viable and
> > implementation is correct).
> Dave has an existing implementation with a user base of a formally
> proven security model. He is addressing implementation concerns and
> continuing to try to get SLIM accepted. Why should he be required to
> extend SELinux?
Well, I haven't seen any new code submitted since last Nov, and the code
at that time was badly broken to the point that it seemed to require a
re-design, and none of the modules at the time appeared to justify LSM
or the stacker; if anything, they were a warning that the stacker and
LSM lend themselves to misuse, confusion, and broken code.
I'm sure we'd all be glad to see new patches. But the issues that were
raised during the original discussion still need to be addressed.
--
Stephen Smalley
National Security Agency