Re: [PATCH 1 of 4] ima: related TPM device driver interal kernelinterface

From: James Morris
Date: Fri May 20 2005 - 09:58:48 EST

Next message: Olivier Croquette: "Re: Thread and process dentifiers (CPU affinity, kill)"
Previous message: Kirill Korotaev: "Re: Running OOM and worse with broken signal handler"
In reply to: Kylene Hall: "[PATCH 1 of 4] ima: related TPM device driver interal kernel interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Why are you using LSM for this?

LSM should be used for comprehensive access control frameworks which
significantly enhance or even replace existing Unix DAC security.

We're going to end up with a proliferation of arbitrary security features
lacking an overall architectural view (I've written about this before,
see http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/0300.html).

I think it would be better to implement this directly.

- James
--
James Morris
<jmorris@xxxxxxxxxx>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Olivier Croquette: "Re: Thread and process dentifiers (CPU affinity, kill)"
Previous message: Kirill Korotaev: "Re: Running OOM and worse with broken signal handler"
In reply to: Kylene Hall: "[PATCH 1 of 4] ima: related TPM device driver interal kernel interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]