Re: [AppArmor #7 0/13] AppArmor security module

From: Pavel Machek
Date: Thu Aug 26 2010 - 03:02:17 EST


On Thu 2010-08-05 20:27:24, James Morris wrote:
> On Thu, 5 Aug 2010, Pavel Machek wrote:
>
> > > Note that I added the patch below to update AA against the latest
> > > version of path_truncate:
> >
> > Ok, so now we have two name-based "security" modules. Can we at least
> > drop TOMOYO? That seems to have all apparmor disadvantages plus some
> > more...
>
> No. The policy is that any security module which implements an access
> control scheme and meets a well-defined security goal, and passes
> technical review, may be merged.
>
> aka, The Arjan Protocol:
>
> http://kerneltrap.org/Linux/Documenting_Security_Module_Intent

It seems that security subsystem has lower standards than rest of the
kernel. Sad.
Pavel

--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/