On Wed, 19 Apr 2006, Greg KH wrote:
> So please feel free to submit your patch, especially as without another
> LSM user in the kernel tree, the interface will probably go away.
At this point, LSM has really proven itself to be a bad interface and
should probably go away in any case.
Its semantics are too weak, and developers are not designing their code
according to what is suitable for the kernel, but rather, whatever happens
to fit easily into LSM, which us just about anything.
The LSM interface is also being abused by several proprietary kernel
modules, some of which are not even security related. In one case,
there's code which dangerously revectors SELinux with a shim layer
designed to try and bypass the GPL. Some of this is a response to
unexporting the syscall table, where projects which abused that have now
switched to LSM.
I think it's clear now, if it wasn't already, that bad interfaces foster
bad code.
- James
--
James Morris
<[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]