From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sean <seanlkml@sympatico.ca>
Subject: Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation,
 pathname matching
Date: Sat, 9 Jun 2007 04:10:45 -0400
Message-ID: <20070609041045.f3b7a7ec.seanlkml@sympatico.ca>
References: <20070514110607.549397248@suse.de>
	<200706042303.28785.agruen@suse.de>
	<1181136386.3699.70.camel@moss-spartans.epoch.ncsc.mil>
	<200706090003.57722.agruen@suse.de>
	<20070609001703.GA17644@kroah.com>
	<Pine.LNX.4.64.0706082207260.6675@asgard.lang.hm>
	<20070609014644.9ed4fa29.seanlkml@sympatico.ca>
	<Pine.LNX.4.64.0706090004290.6675@asgard.lang.hm>
	<20070609033601.640e83a1.seanlkml@sympatico.ca>
	<Pine.LNX.4.64.0706090104210.6675@asgard.lang.hm>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: Greg KH <greg@kroah.com>, Andreas Gruenbacher <agruen@suse.de>,
	Stephen Smalley <sds@tycho.nsa.gov>,
	Pavel Machek <pavel@ucw.cz>, jjohansen@suse.de,
	linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	linux-fsdevel@vger.kernel.org
To: david@lang.hm
Return-path: <linux-security-module-owner@vger.kernel.org>
In-Reply-To: <Pine.LNX.4.64.0706090104210.6675@asgard.lang.hm>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Sat, 9 Jun 2007 01:06:09 -0700 (PDT)
david@lang.hm wrote:


> but the SELinux API's are not the core security API's in Linux, the LSM 
> API's are. and AA is useing the LSM API's (extending them where they and 
> SELinux don't do what's needed)
> 

Calling LSM "core" and pretending that SELinux can't do 90% of what you
want doesn't change the facts on the ground.  Clinging to the current AA
implementation instead of honestly considering reasonable alternatives
does not inspire confidence or teamwork.

Sean.