Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Fri, 18 Oct 2002 12:24:40 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Fri, 18 Oct 2002 12:24:40 -0400 Received: from tsv.sws.net.au ([203.36.46.2]:10506 "EHLO tsv.sws.net.au") by vger.kernel.org with ESMTP id ; Fri, 18 Oct 2002 12:24:39 -0400 Content-Type: text/plain; charset=US-ASCII From: Russell Coker Reply-To: Russell Coker To: Christoph Hellwig , Valdis.Kletnieks@vt.edu Subject: Re: [PATCH] remove sys_security Date: Fri, 18 Oct 2002 18:30:28 +0200 User-Agent: KMail/1.4.3 Cc: linux-kernel@vger.kernel.org, linux-security-module@wirex.com References: <200210181514.g9IFEErG006526@turing-police.cc.vt.edu> <20021018161828.A5523@infradead.org> In-Reply-To: <20021018161828.A5523@infradead.org> MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Message-Id: <200210181830.28354.russell@coker.com.au> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1473 Lines: 32 On Fri, 18 Oct 2002 17:18, Christoph Hellwig wrote: > > The part you're missing here is that the "fuzzy buzzword mechanism" is > > deployable *NOW*, and will provide *real benefits* *NOW*, rather than > > having to wait for the 2.7 or 3.1 or whatever kernel. > > By messing up the kernel. Note that I don't want to steal you your > code - deploy it if you want, but don't harm the mainline kernel with it. So how does it harm the mainline kernel to have a system call reserved for LSM and then not allow anything in the mainline kernel that uses it? Then we can deploy modules using the current LSM design without harming the mainline kernel. The only code that we really want to see in the mainline kernel is the hooks for permission checks. Personally I would not mind if no security module ever gets included in Linus' source tree. Disclaimer: This message is my own opinion, even if I was part of "team LSM" I would not be representing them in this issue. -- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/