[rsbac] Against LSM

shahbaz khan shazalive at gmail.com
Sat Aug 4 19:57:48 CEST 2007

I would like to know:

1-  How does LSM pose a threat to kernel considering root kits and
2-  What is the treat model that grsec talks about when it comes to selinux?
3-  How are these threats not possible when there is no LSM?

As far as I can understand LSM is designed for speed and generality so
it lacks many hooks that are specific for a wide range of models.

4-  Why doest rsbac use extended attrbutes? Its a nice feature. The
load that ACI impose can be reduced to some extent.

5-  If possible, off the list topic but, how does grsec implement its
hooks? Can't find any details about it neither from any documentation
nor from their mailing list.


More information about the rsbac mailing list