Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755608AbYKUMiY (ORCPT ); Fri, 21 Nov 2008 07:38:24 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753938AbYKUMiO (ORCPT ); Fri, 21 Nov 2008 07:38:14 -0500 Received: from igw2.watson.ibm.com ([129.34.20.6]:49589 "EHLO igw2.watson.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753912AbYKUMiN (ORCPT ); Fri, 21 Nov 2008 07:38:13 -0500 Subject: Re: [PATCH 2/4] integrity: Linux Integrity Module(LIM) From: david safford To: Christoph Hellwig Cc: Mimi Zohar , linux-kernel@vger.kernel.org, Andrew Morton , James Morris , Al Viro , Serge Hallyn , Mimi Zohar In-Reply-To: <20081120192612.GA15080@infradead.org> References: <20081120174506.GA20972@infradead.org> <1227208898.3066.36.camel@localhost.localdomain> <20081120192612.GA15080@infradead.org> Content-Type: text/plain Content-Transfer-Encoding: 7bit Date: Fri, 21 Nov 2008 07:37:01 -0500 Message-Id: <1227271021.3016.4.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.22.3.1 (2.22.3.1-1.fc9) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1392 Lines: 27 On Thu, 2008-11-20 at 14:26 -0500, Christoph Hellwig wrote: > On Thu, Nov 20, 2008 at 02:21:38PM -0500, david safford wrote: > > The consensus in the (insane) security community was to have an > > interface with selectable modules similar to LSM and its modules, > > so that users could easily choose among a set of integrity providers. > > So what other integrity provider is there waiting to be merged? Unless > there is a realistic mid-term candidate it's just pure bloat, and we > can introduce an abstraction once it's actually needed. > IMA tries to be generic, but it is still oriented around the Trusted Computing Group concept of hardware anchored lists of file measurements. We know of other projects looking at measurements of things that are not files, such as introspection of process memory invariants, and other integrity models not anchored in TCG hardware, such as public key signed files. I don't really know how close these other projects are to submission, but when this was reviewed on the LSM mailing list, everyone agreed with the abstraction. Hopefully some of the other interested people will chime in here. dave -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/