Re: [BK PATCH] LSM changes for 2.5.59

From: David Wagner (daw@mozart.cs.berkeley.edu)
Date: Mon Feb 10 2003 - 00:59:19 EST


Christoph Hellwig wrote:
>[...] given that selinux is the only module actually using it [...]

No, it's not. I keep you telling you LSM is not just about SELinux,
but I'm happy to say it again, if necessary.

>you don't get tru security by adding hooks.

Of course not. Noone is saying that the LSM hooks alone give security;
rather, they enable you to install a module that gives security.

>security needs a careful design

You keep saying this. People keep telling you that LSM does have a
careful design. I suspect you mean that you don't like the design we
chose, for whatever reason -- but that's a different sort of beast,
isn't it?

If you have constructive suggestions, I'm listening.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Feb 15 2003 - 22:00:25 EST