From: Hans Reiser <reiser@namesys.com>
To: Stephen Smalley <sds@epoch.ncsc.mil>
Cc: andrea@cpushare.com, lkml <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@osdl.org>
Subject: Re: secure computing for 2.6.7
Date: Sat, 07 Aug 2004 16:20:48 -0700 [thread overview]
Message-ID: <411563D0.1050608@namesys.com> (raw)
In-Reply-To: <1091536845.7645.60.camel@moss-spartans.epoch.ncsc.mil>
Stephen Smalley wrote:
>On Wed, 2004-07-07 at 15:27, Hans Reiser wrote:
>
>
>>Am I right to think that this could complement nicely our plans
>>described at www.namesys.com/blackbox_security.html
>>
>>
>
>Hi Hans,
>
>Out of curiosity, what do you think that this proposal will achieve that
>cannot already be done via SELinux policy? SELinux policy can already
>express access rules based not only on the executable and user, but even
>the entire call chain that led to a given executable.
>
>
>
Where do you store the access rules? With the executable? How do you
automate their determination?
next prev parent reply other threads:[~2004-08-07 23:21 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-04 17:39 secure computing for 2.6.7 andrea
2004-07-04 21:35 ` Andrew Morton
2004-07-04 23:32 ` andrea
2004-07-05 0:37 ` Phy Prabab
2004-10-12 14:24 ` Andrea Arcangeli
2004-10-12 15:32 ` Rik van Riel
2004-10-12 15:59 ` Andrea Arcangeli
2004-10-12 16:28 ` Rik van Riel
2004-10-12 17:46 ` Andrea Arcangeli
2004-10-12 18:04 ` Rik van Riel
2004-10-12 18:10 ` Rik van Riel
2004-10-12 18:29 ` Andrea Arcangeli
2004-07-07 19:27 ` Hans Reiser
2004-08-01 10:22 ` Andrea Arcangeli
2004-08-01 12:01 ` chris
2004-08-01 15:01 ` Andrea Arcangeli
2004-08-01 17:29 ` chris
2004-08-01 18:52 ` Bernd Eckenfels
2004-08-01 20:45 ` Alan Cox
2004-08-01 23:10 ` Andrea Arcangeli
2004-08-01 23:08 ` Alan Cox
2004-08-02 10:25 ` Andrea Arcangeli
2004-08-01 23:06 ` Andrea Arcangeli
2004-08-02 6:52 ` David Wagner
2004-08-03 12:48 ` Stephen Smalley
2004-08-01 14:55 ` Bernd Eckenfels
2004-08-01 15:51 ` Andrea Arcangeli
2004-08-01 17:24 ` Bernd Eckenfels
2004-08-02 3:17 ` Horst von Brand
2004-08-02 16:31 ` Andrea Arcangeli
2004-08-03 12:40 ` Stephen Smalley
2004-08-03 21:02 ` Alexander Lyamin
2004-08-05 11:47 ` Stephen Smalley
2004-08-04 8:57 ` Hans Reiser
2004-08-05 11:48 ` Stephen Smalley
2004-08-07 23:20 ` Hans Reiser [this message]
2004-08-09 12:35 ` Stephen Smalley
[not found] <2ejhQ-4lc-5@gated-at.bofh.it>
[not found] ` <2fqhq-1RU-45@gated-at.bofh.it>
[not found] ` <2olLt-4wI-5@gated-at.bofh.it>
2004-08-02 0:05 ` Andi Kleen
2004-08-02 10:19 ` Andrea Arcangeli
2004-08-02 19:06 ` Rik van Riel
2004-08-02 21:35 ` Andrea Arcangeli
2004-08-04 13:18 ` V13
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=411563D0.1050608@namesys.com \
--to=reiser@namesys.com \
--cc=akpm@osdl.org \
--cc=andrea@cpushare.com \
--cc=linux-kernel@vger.kernel.org \
--cc=sds@epoch.ncsc.mil \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.