lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 24 Jun 2007 09:40:43 +0900 From: Toshiharu Harada <haradats@...data.co.jp> To: unlisted-recipients:; (no To-header on input) CC: Chris Wright <chrisw@...s-sol.org>, Chris Mason <chris.mason@...cle.com>, James Morris <jmorris@...ei.org>, Stephen Smalley <sds@...ho.nsa.gov>, Lars Marowsky-Bree <lmb@...e.de>, Pavel Machek <pavel@....cz>, Crispin Cowan <crispin@...ell.com>, Greg KH <greg@...ah.com>, Andreas Gruenbacher <agruen@...e.de>, jjohansen@...e.de, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, linux-fsdevel@...r.kernel.org Subject: Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation, pathname matching > This thread is amazing. With so many smart people's precious time, > > What are the results? > What are the issues anyway? > Is anyone happy? (I'm not and I assume Chris is not) > > Yes, "waste of time" is taking place here, but > it's not for "pathname-based MAC" but for "wrongly posted messages", > I believe. I'm a relatively new to this ml, let me ask. > > Is this ml a place of judge or battle? (not to help or support?) > > Nothing is perfect, so we can work to make things to better, right? > I have suggestions: > > Let's clarify issues first. > - problems (or limitations) of pathname-based MAC > - advantages of pathname-based MAC > - how can pathname-based MAC supplement label based > (Stephen, James and Kyle, please help) > > Let's start the arguments again if we get the issues. > Threads should be definitely separated per issue and > a assigning a chair may help. Well, I crated a Wiki page. If it helps, please feel free to use it. I mean I would like people to add your issues here. It's wiki, so you are welcome to modify everything. http://tomoyo.sourceforge.jp/wiki-e/?MAC-ISSUES If ml is better, I have no objections. I just wanted to help discussion. > Above issues are independent of SELinux. We should not *compare* > SELinux and AA, that can cause a problem. Every software has > shortages that's why we need to work and we can make progress. > For some issues we may need to compare them, in that case > moderators would help. > > BTW I have posted a RFC of TOMOYO Linux that is another > pathname-based MAC. > http://lkml.org/lkml/2007/6/13/58 > AA and TOMOYO Linux have BoF sessions at OLS2007, > so it would be a great opportunity to *talk* over the issues. > > What I want to say is "let's make progress and help each other > to make Linux better". Cheers, Toshiharu Harada - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists