[rsbac] RSBAC kernel configurations menu question

Tomasz Kłoczko kloczek at zie.pg.gda.pl
Thu May 3 17:24:40 CEST 2007

Dnia 03-05-2007, Cz o godzinie 17:45 +0200, tazok napisał(a):
> Well, I think that the "access key retention support" uses the LSM
> framework, if not... there is some reason to include the security.h
> header file in parts of their code?(please explanation required).

Both options ("key retention" and "different security models") can be
enabled/disabled independently. IIRC second enables LSM hooks entries.

> I think that rsbac is not only a part of the kernel security
> infrastructure, since it modify (AFAIK) too many kernel code and is
> too complex.

Sorry but I completly don't understand what kind of argument is RSBAC
complexity on answering some general/generic question like "is RSBAC is
security related or not ?".
Yes .. RSBAC don't uses LSM but it is known fact as same it is not now
part of vanilla kernel tree and yes .. not it is not part of kernel
security infrastructture in stricte sense (curent kernel).
Is it Access Control subject isn't (only ?) security related ? IMO: yes
and nothing more.
If not what another ? And/or can you list any other not
security/auditing related RSBAC usage ?
Can I use RSBAC for control boiling water for tea ? ;>


More information about the rsbac mailing list