Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

--- "Serge E. Hallyn" <[email protected]> wrote:
 
> Ah yes.  It needed to be authoritative.  I did
> recall incorrectly.
> 
> I suspect some would argue that you are right that
> LSM is broken, but
> only because it wasn't allowed to be authoritative.

As I said at the time, I am disappointed that
authoritative hooks lost out, but it was hardly
the end of the world, and all in all, the LSM
that won out was a good first shot.

And of course, SGI's intent at the time was to
use LSM for audit. The prevailing attitude of
the day was that Linux would Never Allow Audit,
and a general scheme looked to be our best bet.
After LSM rejected authoritative hooks we
rewrote audit to use the accepted hook and,
get this, the Powers above canceled the project
the week we were to check it in.

I am happy to see the linux-audit project, and
happy to see POSIX ACLs as well. With an
authoritative LSM those would have been rolled
in and not required special interfaces of their
own. Oh well.

> Of course that
> was to increase chances of LSM upstream inclusion.

This was indeed a primary argument against
authoritative hooks, but the potential for
protrietary binary modules loomed large as
well.

> Sorry Casey and
> Linda,

Ack. That association was strictly corporate.
Please disregard.

> I bet that just makes it sting all the harder
> if LSM is now
> removed for not being sufficiently useful.

Eh, I've been right in the past and I've been
wrong in the past. I've had more code thrown out
of systems than a lot of you have ever written,
so an interface vector that's proven unpopular
isn't going to bring me down much.


Casey Schaufler
[email protected]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
    • From: "Serge E. Hallyn" <[email protected]>

• Prev by Date: Re: [patch 3/4] dynamic configurable kref debugging
• Next by Date: Re: [patch 1/4] kref: warn kref_put() with unreferenced kref
• Previous by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
• Next by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]