On Wed, 2006-04-19 at 13:52 -0700, Randy.Dunlap wrote: > On Wed, 19 Apr 2006 13:11:54 -0700 Greg KH wrote: > > > On Wed, Apr 19, 2006 at 09:06:57PM +0200, Jan Engelhardt wrote: > > > >> > > > >> Well then, have a look at http://alphagate.hopto.org/multiadm/ > > > >> > > > > > > > >hmm on first sight that seems to be basically an extension to the > > > >existing capability() code... rather than a 'real' LSM module. Am I > > > >missing something here? > > > > > > > > > > (So what's the definition for a "real" LSM module?) > > > > No idea, try submitting the patch :) > > hrm, I guess the smiley is supposed to help?? > > surely someone knows that it takes to qualify as a "real" > LSM module. I would have expected Greg to be in that group > of people. Herein lies the basic problem with LSM - it is not a well-defined framework in any sense. Versus say the Flask architecture within SELinux, which establishes a framework with well-defined semantics that can support a wide range of security models, but not arbitrary ones. -- Stephen Smalley National Security Agency - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- References:
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- From: Török Edwin <[email protected]>
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- From: Stephen Smalley <[email protected]>
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- From: Christoph Hellwig <[email protected]>
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- From: Stephen Smalley <[email protected]>
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- From: Christoph Hellwig <[email protected]>
- Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: James Morris <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Greg KH <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Jan Engelhardt <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Arjan van de Ven <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Jan Engelhardt <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Greg KH <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: "Randy.Dunlap" <[email protected]>
- Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks
- Prev by Date: Re: [RFC][PATCH 0/11] security: AppArmor - Overview
- Next by Date: Re: Linux 2.6.17-rc2
- Previous by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Next by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Index(es):
 |