James Morris <[email protected]> wrote on 05/20/2005 10:56:20 AM:
> Why are you using LSM for this?
>
> LSM should be used for comprehensive access control frameworks which
> significantly enhance or even replace existing Unix DAC security.
I see LSM is framework for security. IMA is an architecture that
enforces access control in a different way than SELinux. IMA guarantees
that executable content is measured and accounted for before
it is loaded and can access (and possibly corrupt) system resources.
> We're going to end up with a proliferation of arbitrary security
features
> lacking an overall architectural view (I've written about this before,
> see http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/0300.html).
>
> I think it would be better to implement this directly.
The reason IMA is implemented as a Linux security module is that the LSM
interface allows the least intrusive implementation with regard to existing
kernel code. IMA is non-intrusive (its hooks return always nicely) and
implements security guarantees that are orthogonal to those of, e.g.,
SELinux. Interactions with other LSM users are not expected. Experience
shows that maintining IMA as LSM is simple.
There is no reason though why IMA must use LSM; however, it seems not the
straightforward solution to replicate LSM hooks that are already
available.
>
> - James
> --
> James Morris
> <[email protected]>
>
>
Thanks
Reiner
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]