From: Nico Schottelius <nico-kernel@schottelius.org>
To: Chris Wright <chrisw@osdl.org>
Cc: Nico Schottelius <nico-kernel@schottelius.org>,
Amon Ott <ao@rsbac.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
dev@grsecurity.net
Subject: Re: security patches / lsm
Date: Sat, 12 Jun 2004 21:55:47 +0200 [thread overview]
Message-ID: <20040612195547.GA597@schottelius.org> (raw)
In-Reply-To: <20040609104025.A21045@build.pdx.osdl.net>
[-- Attachment #1: Type: text/plain, Size: 1598 bytes --]
Chris Wright [Wed, Jun 09, 2004 at 10:40:25AM -0700]:
> * Nico Schottelius (nico-kernel@schottelius.org) wrote:
> > Sorry for the late answer!
> >
> > For me it looks like rsbac and grsecurity could get included in 2.6.
> >
> > It looks like Amon did the work necessary to intergrate it into 2.6.
> > (have a look at http://www.rsbac.org/).
> >
> > And grsecurity also works nice with 2.6
> > (http://www.grsecurity.net/download.php).
> >
> > Who decides whether to integrate them or not?
>
> Ultimately, that's Linus, often with some input from the rest of
> the community. Look, it's very simple. Create patches, submit for
> public review, update according to feedback, resubmit, etc.
Thought so, too.
> The main
> problem here is the patches above are invasive and considering where
> we are in the 2.6 series (read: concerned utmost about stability) large
> invasive patches aren't appropriate.
Ok. So waiting for 2.7 is much more senseful.
> Further, there's an infrastructure
> designed to support some of the features in the above patchsets, LSM.
As stated by Amon and others, LSM seems not to be the perfect thing.
> And the idle complaints that it's inadequate without engaging in dialog
> or supplying patches don't work very far towards a solution.
Well, where do you think should we discuss that? I think Amon
doesn't avoid this discussion.
Have a nice rest-weekend,
Nico
--
Keep it simple & stupid, use what's available.
Please use pgp encryption: 8D0E 27A4 is my id.
http://nerd-hosting.net | http://nico.schotteli.us
[-- Attachment #2: Type: application/pgp-signature, Size: 827 bytes --]
prev parent reply other threads:[~2004-06-12 19:53 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-01-22 19:11 security patches / lsm Nico Schottelius
2004-01-22 23:09 ` Chris Wright
2004-06-09 9:03 ` Nico Schottelius
2004-06-09 11:22 ` GCS
2004-06-09 11:46 ` Nico Schottelius
2004-06-09 12:37 ` Olaf Hering
2004-06-09 16:28 ` Valdis.Kletnieks
2004-06-09 14:15 ` Greg KH
2004-06-09 17:40 ` Chris Wright
2004-06-12 19:55 ` Nico Schottelius [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040612195547.GA597@schottelius.org \
--to=nico-kernel@schottelius.org \
--cc=ao@rsbac.org \
--cc=chrisw@osdl.org \
--cc=dev@grsecurity.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.