[rsbac] Remove LSM support from RSBAC 1.2.3-pre? Issues
and musings.
Samuli Kärkkäinen
skarkkai at woods.iki.fi
Wed Oct 15 00:51:27 MEST 2003
On Tue, Oct 14, 2003 at 07:31:39PM +0000, elvo at virgilio.it wrote:
>
> >BTW, I just got a mail from Brad (spender at grsecurity.net), who appreciated
> my statement and fully agreed with me. I am still
> > waiting for the LIDS statement.
> >
> >Amon.
>
> what do you think abount something like a petition against LSM by the linux
> security community ? :)
>
> grsecurity have a lot of users-power and if other developers of linux security
> patches agreed with you something could appens ..
>From having watched the kernel list, I have gotten certain aversion toward
the word "petition" in context of Linux development. In particular Linus is
hard to impossible to sway by merely having a lot of people support some
idea. So I'd not use the word "petition", but I think the basic idea of
joining forces, in political sense, with grsecurity and others, could be a
good idea.
If RSBAC, grsecurity etc. agree on either a direction where LSM should be
taken, or for example on establishing a competing security framework that
these projects could use instead of LSM, I could see Linus paying attention
to that. It's quite a solid argument to point out that majority of existing,
much used level security patches cannot use LSM.
--
Samuli Kärkkäinen |\ _,,,---,,_
skarkkai at woods.iki.fi ---------ZZZzz /,`.-'`' -. ;-;;,_------
http://www.woods.iki.fi |,4- ) )-,_. ,\ ( `'-'
'---''(_/--' `-'\_)
More information about the rsbac
mailing list