Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory AccessControl Kernel
From: Jan Engelhardt
Date: Mon Oct 01 2007 - 16:50:01 EST
On Sep 30 2007 01:16, Andrew Morton wrote:
>>
>> Documentation/Smack.txt | 104 +
>> security/Kconfig | 1
>> security/Makefile | 2
>> security/smack/Kconfig | 10
>> security/smack/Makefile | 9
>> security/smack/smack.h | 207 ++
>> security/smack/smack_access.c | 345 ++++
>> security/smack/smack_lsm.c | 2685 ++++++++++++++++++++++++++++++++
>> security/smack/smackfs.c | 1201 ++++++++++++++
>> 9 files changed, 4564 insertions(+)
>
>My major non-technical concern is that Casey Schaufler might get hit by a
>bus. If this happens, we can remove the feature in three minutes (that
>diffstat again), but that may not be feasible if people have come to rely
>upon the feature.
>
>otoh, if a significant number of people are using smack, presumably someone
>else would step up to maintain smack post-bus. The risk seems acceptable
>to me.
I bet that the number of people submitting patches / possibly maintaining it
is hyperbelic to the code size. Everyone that runs away from selinux's
code size and/or "complexity" is a potential smack/aa user/contributor.
>Is smack useful without a patched ls, sshd and init.d? What is the status
>of getting those userspace patches merged? ie: do you know who to send the
>diffs to, and are they likely to take them?
As long as one does not need to recompile userspace (like it is the case with
libselinux), it wins.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/