public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Christoph Hellwig <hch@infradead.org>
To: jmjones@jmjones.com
Cc: Christoph Hellwig <hch@infradead.org>,
	"Stephen D. Smalley" <sds@epoch.ncsc.mil>,
	greg@kroah.com, torvalds@transmeta.com,
	linux-security-module@wirex.com, linux-kernel@vger.kernel.org
Subject: Re: [BK PATCH] LSM changes for 2.5.59
Date: Sun, 9 Feb 2003 20:06:26 +0000	[thread overview]
Message-ID: <20030209200626.A7704@infradead.org> (raw)
In-Reply-To: <Pine.LNX.3.96.1030207205056.31221A-100000@dixie>; from jmjones@jmjones.com on Fri, Feb 07, 2003 at 09:20:08PM -0500

On Fri, Feb 07, 2003 at 09:20:08PM -0500, jmjones@jmjones.com wrote:
> I disagree.  The code submitted BOTH addresses the current needs and
> "vaguely anticipated future needs" (which I shall define as VAFN).

What is the "current needs" given that selinux is the only module actually
using it and it's neither in a mergeable shape nor is it legally clear
whether it can be merged?

> Open your mind.  LSM supports both all current solutions for object-level
> security AND provides a valid basis for moving Linux toward providing, AS
> AN OPTION, true security.  Personally, I don't think LSM is the "be all
> and end all" of a security interface, at this point, but I *do* think it's
> the best first-draft of a system that can lead to that end.

you don't get tru security by adding hooks.  security needs a careful
design and more strict access control policy can but don't have to be part
of that design.

> What's your REAL problem?  Somebody stepping on your territory?

The real problem is adding mess to the kernel.


  parent reply	other threads:[~2003-02-09 19:56 UTC|newest]

Thread overview: 55+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-02-06 15:02 [BK PATCH] LSM changes for 2.5.59 Stephen D. Smalley
2003-02-06 15:18 ` Christoph Hellwig
2003-02-06 17:16   ` David Wagner
2003-02-06 17:45     ` Christoph Hellwig
2003-02-06 17:51   ` Alan Cox
2003-02-08  2:20   ` jmjones
2003-02-08  4:13     ` Miles Bader
2003-02-09 20:06     ` Christoph Hellwig [this message]
2003-02-10  1:39       ` Crispin Cowan
2003-02-10  3:02         ` LA Walsh
2003-02-10  3:40           ` Crispin Cowan
2003-02-10  7:34             ` LA Walsh
2003-02-10  8:11               ` Chris Wright
2003-02-10  8:21             ` 'Christoph Hellwig'
2003-02-10  8:33               ` Crispin Cowan
2003-02-10  8:39                 ` 'Christoph Hellwig'
2003-02-10 13:31             ` Alan Cox
2003-02-10 17:29             ` Casey Schaufler
2003-02-12  8:12               ` side issues of baloney with that ham...(was LSM changes for 2.5.59) LA Walsh
2003-02-10 20:51             ` [BK PATCH] LSM changes for 2.5.59 LA Walsh
2003-02-10 21:36               ` David Wagner
2003-02-10 22:14             ` Bill Davidsen
2003-02-11  1:35               ` Dave Jones
2003-02-11 13:59                 ` the modules problems Roman Zippel
2003-02-11 19:44                 ` [BK PATCH] LSM changes for 2.5.59 Bill Davidsen
2003-02-10  4:06           ` J Sloan
2003-02-10  5:59       ` David Wagner
2003-02-10  7:31         ` Christoph Hellwig
  -- strict thread matches above, loose matches on Subject: below --
2003-02-13  4:08 Mika Kukkonen
2003-02-12 16:58 Makan Pourzandi (LMC)
2003-02-12 18:45 ` 'Christoph Hellwig'
2003-02-12 19:11 ` magniett
2003-02-12 18:38   ` 'Christoph Hellwig'
2003-02-12 22:22     ` Crispin Cowan
2003-02-12 15:37 Pete Loscocco
     [not found] <b28k4f$hp4$1@abraham.cs.berkeley.edu>
2003-02-12  8:27 ` LA Walsh
2003-02-10 19:57 Stephen D. Smalley
2003-02-10 22:38 ` LA Walsh
2003-02-10 16:55 Stephen D. Smalley
2003-02-11  8:05 ` Christoph Hellwig
2003-02-13 11:08   ` Chris Wright
2003-02-05 16:59 Stephen D. Smalley
2003-02-05 16:47 Stephen D. Smalley
2003-02-05 16:49 ` Christoph Hellwig
2003-02-05 22:07   ` Greg KH
2003-02-05 22:30     ` Christoph Hellwig
2003-02-05 22:39       ` Russell Coker
2003-02-05 22:41         ` Christoph Hellwig
2003-02-05 15:00 Stephen D. Smalley
2003-02-05 15:34 ` Christoph Hellwig
2003-02-05 16:26 ` Mark Hahn
2003-02-05 13:45 Stephen D. Smalley
2003-02-05 14:13 ` Christoph Hellwig
2003-02-05  4:15 Greg KH
2003-02-05  8:47 ` Christoph Hellwig

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20030209200626.A7704@infradead.org \
    --to=hch@infradead.org \
    --cc=greg@kroah.com \
    --cc=jmjones@jmjones.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@wirex.com \
    --cc=sds@epoch.ncsc.mil \
    --cc=torvalds@transmeta.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox