On Thu, 20 Apr 2006, Al Viro wrote:
> On Thu, Apr 20, 2006 at 02:50:32PM -0700, Linda Walsh wrote:
> > any access control scheme to be implemented? I've seen complaints
> > before on either here or the LSM list that one of the hurdles for
> > "legitimacy" was whether or not it fit on top of the current set of
> > LSM hooks. I also saw it asked whether or not LSM had been
> > designed
>
> ... and the answer is obviously "no". AFAICS, that was a way to get
> around Linus' "at least decide on a common set of core kernel modifications"
> without any kind of thinking being involved.
For reference, here are the original comments from Linus which were used
to conceive LSM:
http://marc.theaimsgroup.com/?l=linux-security-module&m=98706471912438&w=2
In a nutshell, Linus did not want to have to choose a security model.
In my view, the generic, correctly abstracted mechanism was actually
SELinux all along, and unfortunately, only a few people really understood
that then. SELinux was itself designed to allow different security models
to be composed, with clean separation of models, policy and enforcement
mechanism.
LSM was somewhat designed around SELinux, but necessarily lacking the
stronger semantics of SELinux, to allow other similar schemes to be
plugged in (the first significant example of which other than SELinux, has
only just appeared on lkml five years later).
- James
--
James Morris
<[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]