Date: Thu, 4 Nov 2004 21:16:25 -0500 (EST)
From: James Morris <jmorris@redhat.com>
To: Chris Wright <chrisw@osdl.org>
cc: "Serge E. Hallyn" <serue@us.ibm.com>, Andrew Morton <akpm@osdl.org>,
       lkml <linux-kernel@vger.kernel.org>,
       Stephen Smalley <sds@epoch.ncsc.mil>
Subject: Re: [RFC] [PATCH] [0/6] LSM Stacking
In-Reply-To: <20041104170555.G2357@build.pdx.osdl.net>
Message-ID: <Xine.LNX.4.44.0411042057500.21344-100000@thoron.boston.redhat.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1432
Lines: 40

On Thu, 4 Nov 2004, Chris Wright wrote:

> Understood, although I don't think you'll get SELinux folks to agree
> that it could be useful in conjuction with other modules like that.

SELinux folks have differing opinions.  Security module stacking would
obviously be useful for research & development, but there is a question in
my mind of whether this is justification enough for the feature in a
mainline kernel.

If it turns out to be generally useful to stack some security modules,
then it might be better to incorporate their functionality into SELinux
(or some other single module) so that policy and configuration can be
managed and analyzed under one system.

Something to keep in mind is that SELinux is a generic access control
framework specifically designed to allow flexible composition of different
security models under a centralized security policy.

LSM is a useful framework for implementing different security _systems_,
but I don't think it's suitable for composition of security models.  
That's what SELinux is for.

> The real bottom line is that it can't slow anything down for the single
> module case.

Agreed.


- James
-- 
James Morris
<jmorris@redhat.com>


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/