Re: LSM conversion to static interface
From: Linus Torvalds
Date: Fri Oct 19 2007 - 16:40:32 EST
On Fri, 19 Oct 2007, Andreas Gruenbacher wrote:
>
> Non-trivial modules (i.e., practically everything beyond capabilities) become
> effective only after loading policy, anyway. If you can load policy, you can
> as well first load a security module without making the system insecure.
I'd like to note that I asked people who were actually affected, and had
examples of their real-world use to step forward and explain their use,
and that I explicitly mentioned that this is something we can easily
re-visit.
But I also note that you did no such thing, neither has anybody else.
The fact is, security people *are* insane. You just argue all the time,
instead fo doing anything productive. So please don't include me in the Cc
on your insane arguments - instead do something productive and I'm
interested.
Ok? That was the whole point of LSM in the first place. I'm *not*
interested in getting roped into your insane arguments. I'm interested in
moving forward and having real examples of real use and code. Until then,
this issue is closed. I thought I had made that clear already, but
apparently not clear enough.
So I repeat: we can undo that commit, but I will damn well not care one
whit about yet another pointless security model flamewar.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/