Re: TOMOYO in linux-next

From: James Morris
Date: Thu Mar 26 2009 - 20:52:38 EST

Next message: Jesse Barnes: "Re: [PATCH 5/6] drm/i915: Fix lock order reversal with cliprectsand cmdbuf in non-DRI2 paths."
Previous message: Jesse Barnes: "Re: [PATCH 4/6] drm/i915: Fix lock order reversal in shmem preadpath."
In reply to: Pavel Machek: "Re: TOMOYO in linux-next"
Next in thread: Pavel Machek: "Re: TOMOYO in linux-next"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 27 Mar 2009, Pavel Machek wrote:

> > > Security should be doable
> > > without making shell-like glob matching...
> >
> > The TOMOYO developers have already responded to your feedback on this
> > issue. It's also an inherent aspect of pathname security, an issue which
> > has been resolved in favour of inclusion in the kernel.
>
> Do you have any references? My memory claims otherwise on this.

Al Viro merged the LSM pathname hooks.

> > As for the rest of the feedback, please work with the developers to fix
> > any bugs or lack of documentation.
>
> Which brings a question: given that kernel<->user interface is
> undocumented, how was this reviewed?

By 15 iterative posts to lkml and LSM, with extensive discussion and
feedback, as well as presentations by the TOMOYO developers at various
conferences around the world.

- James
--
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jesse Barnes: "Re: [PATCH 5/6] drm/i915: Fix lock order reversal with cliprectsand cmdbuf in non-DRI2 paths."
Previous message: Jesse Barnes: "Re: [PATCH 4/6] drm/i915: Fix lock order reversal in shmem preadpath."
In reply to: Pavel Machek: "Re: TOMOYO in linux-next"
Next in thread: Pavel Machek: "Re: TOMOYO in linux-next"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]