Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S265814AbUFIRka (ORCPT ); Wed, 9 Jun 2004 13:40:30 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S265834AbUFIRka (ORCPT ); Wed, 9 Jun 2004 13:40:30 -0400 Received: from fw.osdl.org ([65.172.181.6]:47053 "EHLO mail.osdl.org") by vger.kernel.org with ESMTP id S265814AbUFIRk3 (ORCPT ); Wed, 9 Jun 2004 13:40:29 -0400 Date: Wed, 9 Jun 2004 10:40:25 -0700 From: Chris Wright To: Nico Schottelius , Chris Wright , Amon Ott , Linux Kernel Mailing List , dev@grsecurity.net Subject: Re: security patches / lsm Message-ID: <20040609104025.A21045@build.pdx.osdl.net> References: <20040122191158.GA1207@schottelius.org> <20040122150937.A8720@osdlab.pdx.osdl.net> <20040609090346.GG601@schottelius.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20040609090346.GG601@schottelius.org>; from nico-kernel@schottelius.org on Wed, Jun 09, 2004 at 11:03:46AM +0200 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1376 Lines: 32 * Nico Schottelius (nico-kernel@schottelius.org) wrote: > Sorry for the late answer! > > For me it looks like rsbac and grsecurity could get included in 2.6. > > It looks like Amon did the work necessary to intergrate it into 2.6. > (have a look at http://www.rsbac.org/). > > And grsecurity also works nice with 2.6 > (http://www.grsecurity.net/download.php). > > Who decides whether to integrate them or not? Ultimately, that's Linus, often with some input from the rest of the community. Look, it's very simple. Create patches, submit for public review, update according to feedback, resubmit, etc. The main problem here is the patches above are invasive and considering where we are in the 2.6 series (read: concerned utmost about stability) large invasive patches aren't appropriate. Further, there's an infrastructure designed to support some of the features in the above patchsets, LSM. And the idle complaints that it's inadequate without engaging in dialog or supplying patches don't work very far towards a solution. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/