Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp959182ybg; Wed, 3 Jun 2020 19:24:30 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyARQfDoXZ5uMwDWIFI2Y+mXYzTdamQ9bJlZnLAfbxF1XunLFm9ZM0O10EuJGHui/tdT2Sv X-Received: by 2002:a17:906:3843:: with SMTP id w3mr2061213ejc.177.1591237470198; Wed, 03 Jun 2020 19:24:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591237470; cv=none; d=google.com; s=arc-20160816; b=n9RUFYOyf/Ddwi9M2hOWtv7/+YhneecUT17bI/WS57e57LDvDs9/WEienqSGX38PL/ sOnvawk+DzPeLPNwAAQ/qF1/vQNNBWOnSORfoaS17CA9+N91z/eNuMIxrYxdYXaAh8kL 6TXk2102H6cxS3rWo6Z2o2uKU6J49yMVUdL0tzMjkrYljgvBuqazMn5WNOvxlys0Du80 7bc0wuOQcC05Hb0w51LGwyggzhOSowBIRpP/6I5+i6+f7DlaHwEmVVxjrjFdwCnBGWty LjUa2GQh0gQs+il2fMw640Cxq3iiwOxM+I8VA2XauHpYdIu86A/yZHqlDdV4TwWjuTYC BpDg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date; bh=1jMFNvSzhesrXw7+l1gOR0RQ2/0Yji1PwU3jPMxLXHs=; b=BI/zc7VyVEx7UMXN+OljBlNfsImo2GY9ISkH+S4IpR8MJRBwlnb5+t7ZS4IvlE29C3 zAs4Zsq/hJ6/tUFHAYjYs/pLdEghsTAzSf6al2P7uCd7rDpeVDQt5GJu8/mPvCQzdlK+ TMHmFYw9wF2XaDYuNehSZokKxaUhj6ZG7NFN8fWFKh+5oHEB90czOZK7YL61b05Th9YD 5qoZ0SU72AXwfXLL0gjEds3VMJnvrqqLP/KqI4q9EPe3W9rtbkkvKR6aT9L80F2lDQFw vxjUNd0BOrKKUBGKS4gHPn5JH3TE2n3mIH61ZSATZmrZq/ro1S5hWITsvhwGKEBPdHK0 9cPg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z12si734918eju.555.2020.06.03.19.24.07; Wed, 03 Jun 2020 19:24:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726328AbgFDCNP (ORCPT + 99 others); Wed, 3 Jun 2020 22:13:15 -0400 Received: from namei.org ([65.99.196.166]:40866 "EHLO namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725946AbgFDCNP (ORCPT ); Wed, 3 Jun 2020 22:13:15 -0400 Received: from localhost (localhost [127.0.0.1]) by namei.org (8.14.4/8.14.4) with ESMTP id 0542D9ZU000367; Thu, 4 Jun 2020 02:13:09 GMT Date: Thu, 4 Jun 2020 12:13:09 +1000 (AEST) From: James Morris To: Casey Schaufler cc: Linus Torvalds , Paul Moore , selinux@vger.kernel.org, LSM List , Linux Kernel Mailing List Subject: Re: [GIT PULL] SELinux patches for v5.8 In-Reply-To: <761f5d15-3422-1834-7be5-8f3276d10172@schaufler-ca.com> Message-ID: References: <290017a8-d943-570f-1f90-acecf1c075a1@schaufler-ca.com> <761f5d15-3422-1834-7be5-8f3276d10172@schaufler-ca.com> User-Agent: Alpine 2.21 (LRH 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 3 Jun 2020, Casey Schaufler wrote: > On 6/3/2020 3:12 PM, James Morris wrote: > > On Wed, 3 Jun 2020, Casey Schaufler wrote: > > > >> The use of security modules was expected to be rare. > > This is not correct. Capabilities were ported to LSM and stacked from the > > beginning, and several major distros worked on LSM so they could ship > > their own security modules. > > Capabilities has always been a special case. > Until Android adopted SELinux the actual use of LSMs was rare. Nope, it was enabled by default in several distros and very widely deployed in the govt space (at least). -- James Morris