[rsbac] Remove LSM support from RSBAC 1.2.3-pre? Issues and musings.

Samuli Kärkkäinen skarkkai at woods.iki.fi
Wed Oct 15 00:51:27 MEST 2003

On Tue, Oct 14, 2003 at 07:31:39PM +0000, elvo at virgilio.it wrote:
> >BTW, I just got a mail from Brad (spender at grsecurity.net), who appreciated
> my statement and fully agreed with me. I am still
> > waiting for the LIDS statement.
> >
> >Amon.
> what do you think abount something like a petition against LSM by the  linux
> security community ? :)
> grsecurity have a lot of users-power and if other developers of linux security
> patches agreed with you something could appens ..

>From having watched the kernel list, I have gotten certain aversion toward
the word "petition" in context of Linux development. In particular Linus is
hard to impossible to sway by merely having a lot of people support some
idea. So I'd not use the word "petition", but I think the basic idea of
joining forces, in political sense, with grsecurity and others, could be a
good idea.

If RSBAC, grsecurity etc. agree on either a direction where LSM should be
taken, or for example on establishing a competing security framework that
these projects could use instead of LSM, I could see Linus paying attention
to that. It's quite a solid argument to point out that majority of existing,
much used level security patches cannot use LSM.

  Samuli Kärkkäinen                   |\      _,,,---,,_
 skarkkai at woods.iki.fi ---------ZZZzz /,`.-'`'    -.  ;-;;,_------
http://www.woods.iki.fi              |,4-  ) )-,_. ,\ (  `'-'
                                     '---''(_/--'  `-'\_)

More information about the rsbac mailing list