* grsecurity in 2.5?
@ 2003-04-20 8:23 Zoltan NAGY
2003-04-21 21:25 ` Greg KH
0 siblings, 1 reply; 8+ messages in thread
From: Zoltan NAGY @ 2003-04-20 8:23 UTC (permalink / raw)
To: linux-kernel
hi!
its a simple question.. it there a chance that grsecurity will be (even
partially) merged into 2.5?
thanks
Zoltan NAGY
Nefty WebStudio
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-20 8:23 grsecurity in 2.5? Zoltan NAGY
@ 2003-04-21 21:25 ` Greg KH
2003-04-21 21:37 ` Zoltan NAGY
0 siblings, 1 reply; 8+ messages in thread
From: Greg KH @ 2003-04-21 21:25 UTC (permalink / raw)
To: Zoltan NAGY; +Cc: linux-kernel
On Sun, Apr 20, 2003 at 10:23:01AM +0200, Zoltan NAGY wrote:
> hi!
>
> its a simple question.. it there a chance that grsecurity will be (even
> partially) merged into 2.5?
What's the status of that patch being ported to the LSM interface (which
is already in 2.5)?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 21:25 ` Greg KH
@ 2003-04-21 21:37 ` Zoltan NAGY
2003-04-21 21:38 ` Chris Wright
2003-04-21 21:45 ` Valdis.Kletnieks
0 siblings, 2 replies; 8+ messages in thread
From: Zoltan NAGY @ 2003-04-21 21:37 UTC (permalink / raw)
To: Greg KH; +Cc: linux-kernel
On Mon, 21 Apr 2003, Greg KH wrote:
> On Sun, Apr 20, 2003 at 10:23:01AM +0200, Zoltan NAGY wrote:
> > hi!
> >
> > its a simple question.. it there a chance that grsecurity will be (even
> > partially) merged into 2.5?
>
> What's the status of that patch being ported to the LSM interface (which
> is already in 2.5)?
AFAIK there was a discussion about it, but i dont know what decision has
born..
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 21:37 ` Zoltan NAGY
@ 2003-04-21 21:38 ` Chris Wright
2003-04-21 23:36 ` Grzegorz Jaskiewicz
2003-04-21 21:45 ` Valdis.Kletnieks
1 sibling, 1 reply; 8+ messages in thread
From: Chris Wright @ 2003-04-21 21:38 UTC (permalink / raw)
To: Zoltan NAGY; +Cc: Greg KH, linux-kernel
* Zoltan NAGY (nagyz@piarista-kkt.sulinet.hu) wrote:
> On Mon, 21 Apr 2003, Greg KH wrote:
>
> > What's the status of that patch being ported to the LSM interface (which
> > is already in 2.5)?
>
> AFAIK there was a discussion about it, but i dont know what decision has
> born..
I don't think the grsecurity developers are motivated to port their work
to LSM. Patches are welcome of course ;-)
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 21:37 ` Zoltan NAGY
2003-04-21 21:38 ` Chris Wright
@ 2003-04-21 21:45 ` Valdis.Kletnieks
2003-04-21 22:04 ` Chris Wright
1 sibling, 1 reply; 8+ messages in thread
From: Valdis.Kletnieks @ 2003-04-21 21:45 UTC (permalink / raw)
To: Zoltan NAGY; +Cc: Greg KH, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 661 bytes --]
On Mon, 21 Apr 2003 23:37:38 +0200, Zoltan NAGY said:
> On Mon, 21 Apr 2003, Greg KH wrote:
>
> > On Sun, Apr 20, 2003 at 10:23:01AM +0200, Zoltan NAGY wrote:
> > > hi!
> > >
> > > its a simple question.. it there a chance that grsecurity will be (even
> > > partially) merged into 2.5?
> >
> > What's the status of that patch being ported to the LSM interface (which
> > is already in 2.5)?
>
> AFAIK there was a discussion about it, but i dont know what decision has
> born..
Some parts of grsecurity were trivial to fit into the LSM framework. Other
parts are basically impossible simply because LSM doesn't hook into the
code where it's needed....
[-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 21:45 ` Valdis.Kletnieks
@ 2003-04-21 22:04 ` Chris Wright
0 siblings, 0 replies; 8+ messages in thread
From: Chris Wright @ 2003-04-21 22:04 UTC (permalink / raw)
To: Valdis.Kletnieks; +Cc: Zoltan NAGY, Greg KH, linux-kernel
* Valdis.Kletnieks@vt.edu (Valdis.Kletnieks@vt.edu) wrote:
> On Mon, 21 Apr 2003 23:37:38 +0200, Zoltan NAGY said:
> > On Mon, 21 Apr 2003, Greg KH wrote:
> > > What's the status of that patch being ported to the LSM interface (which
> > > is already in 2.5)?
> >
> > AFAIK there was a discussion about it, but i dont know what decision has
> > born..
>
> Some parts of grsecurity were trivial to fit into the LSM framework. Other
> parts are basically impossible simply because LSM doesn't hook into the
> code where it's needed....
Yes, hence the lack of motivation to bring over just the portable parts.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 21:38 ` Chris Wright
@ 2003-04-21 23:36 ` Grzegorz Jaskiewicz
2003-04-21 23:39 ` Chris Wright
0 siblings, 1 reply; 8+ messages in thread
From: Grzegorz Jaskiewicz @ 2003-04-21 23:36 UTC (permalink / raw)
To: Chris Wright; +Cc: lkml
On Mon, 2003-04-21 at 22:38, Chris Wright wrote:
> * Zoltan NAGY (nagyz@piarista-kkt.sulinet.hu) wrote:
> > On Mon, 21 Apr 2003, Greg KH wrote:
> >
> > > What's the status of that patch being ported to the LSM interface (which
> > > is already in 2.5)?
> >
> > AFAIK there was a discussion about it, but i dont know what decision has
> > born..
>
> I don't think the grsecurity developers are motivated to port their work
> to LSM. Patches are welcome of course ;-)
Maybe we should start to bring them piece by piece, fe. PaX first and
others.
Question is not that will somebody do that, i am sure of that - grsec is
needed in 2.4 - and it will be needed in 2.6. Question is, if it will be
included in mainstream kernel release ?
--
Grzegorz Jaskiewicz <gj@pointblue.com.pl>
K4 labs
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: grsecurity in 2.5?
2003-04-21 23:36 ` Grzegorz Jaskiewicz
@ 2003-04-21 23:39 ` Chris Wright
0 siblings, 0 replies; 8+ messages in thread
From: Chris Wright @ 2003-04-21 23:39 UTC (permalink / raw)
To: Grzegorz Jaskiewicz; +Cc: Chris Wright, lkml
* Grzegorz Jaskiewicz (gj@pointblue.com.pl) wrote:
> Maybe we should start to bring them piece by piece, fe. PaX first and
> others.
PaX is an example of something that won't port to LSM. The grsecurity
MAC, RBAC, chroot restrictions, TPE are the types of things that would port
nicely.
> Question is not that will somebody do that, i am sure of that - grsec is
> needed in 2.4 - and it will be needed in 2.6. Question is, if it will be
> included in mainstream kernel release ?
I don't expect to see it in 2.6 mainline at all. The patch could be
reduced if some of the core access control logic was placed in an LSM.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2003-04-21 23:32 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-04-20 8:23 grsecurity in 2.5? Zoltan NAGY
2003-04-21 21:25 ` Greg KH
2003-04-21 21:37 ` Zoltan NAGY
2003-04-21 21:38 ` Chris Wright
2003-04-21 23:36 ` Grzegorz Jaskiewicz
2003-04-21 23:39 ` Chris Wright
2003-04-21 21:45 ` Valdis.Kletnieks
2003-04-21 22:04 ` Chris Wright
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.