Re: Security hooks, "standard linux security" & embedded use

All of lore.kernel.org
 help / color / mirror / Atom feed

From: LA Walsh <law@sgi.com>
To: Greg KH <greg@kroah.com>
Cc: Anton Altaparmakov <aia21@cam.ac.uk>,
	Hans Reiser <reiser@namesys.com>,
	reiserfs-dev@namesys.com, linux-kernel@vger.kernel.org,
	reiserfs-list@namesys.com
Subject: Re: Security hooks, "standard linux security" & embedded use
Date: Thu, 12 Jul 2001 12:16:21 -0700	[thread overview]
Message-ID: <3B4DF785.F0273621@sgi.com> (raw)
In-Reply-To: <3B49F602.DB39B3A@sgi.com> <3B4DDFD8.27C1C3D9@namesys.com> <5.1.0.14.2.20010712192608.0365e588@pop.cus.cam.ac.uk> <20010712114729.B735@kroah.com>

Greg KH wrote:
> The current model lets you do whatever you want in your kernel module.
> It imposes no policy, that's up to you.
---
	That's not exactly true.  It imposes the standard Linux security
policy which someone wanting to remove it or change it might not want.
It only allows you to further restrict based on the current security 
system.  
> 
> All the better to keep userspace callbacks for security out of my
> kernels, for that way is ripe for problems (for specific examples why,
> see the linux-security-module mailing list archives.)
---
	I agree.  Though an individual module writer could theoretically
implement callbacks in their own module, no?

-l

--  -    _    -    _    -    _    -    _    -    _    -    _    -    _    -     
The above thoughts and            | I know I don't know the opinions
writings are my own.              | of every part of my company. :-)

next prev parent reply	other threads:[~2001-07-12 19:21 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <3B49F602.DB39B3A@sgi.com>
2001-07-12 17:35 ` Security hooks, "standard linux security" & embedded use Hans Reiser
2001-07-12 18:25   ` Greg KH
2001-07-12 18:37 ` Anton Altaparmakov
2001-07-12 18:47   ` Greg KH
2001-07-12 19:16     ` LA Walsh [this message]
2001-07-12 19:04   ` Anton Altaparmakov
     [not found] <20010712112102.D32683@kroah.com>
2001-07-12 20:32 ` Crispin Cowan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3B4DF785.F0273621@sgi.com \
    --to=law@sgi.com \
    --cc=aia21@cam.ac.uk \
    --cc=greg@kroah.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=reiser@namesys.com \
    --cc=reiserfs-dev@namesys.com \
    --cc=reiserfs-list@namesys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.