| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 28 Oct 2007 14:59:57 +0000 From: Simon Arlott <simon@...e.lp0.eu> To: Stefan Richter <stefanr@...6.in-berlin.de> CC: Tilman Schmidt <tilman@...p.cc>, Adrian Bunk <bunk@...nel.org>, Greg KH <greg@...ah.com>, Chris Wright <chrisw@...s-sol.org>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Jan Engelhardt <jengelh@...putergmbh.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Andreas Gruenbacher <agruen@...e.de>, Thomas Fricaccia <thomas_fricacci@...oo.com>, Jeremy Fitzhardinge <jeremy@...p.org>, James Morris <jmorris@...ei.org>, Crispin Cowan <crispin@...spincowan.com>, Giacomo Catenazzi <cate@...ian.org>, Alan Cox <alan@...rguk.ukuu.org.uk> Subject: Re: eradicating out of tree modules On 28/10/07 14:37, Stefan Richter wrote: > Tilman Schmidt wrote: >> Am 28.10.2007 10:25 schrieb Stefan Richter: >>> You two are hypothesizing. >> >> No, we're not. We're discussing the very real issue of whether >> LSM should be amputated in such a way as to make life difficult >> for out of tree security module developers. > > I still believe you are. From what I understood, the API change had > technical reasons. (What I have read is that using security modules in > the form of loadable and unloadable kernel modules didn't make sense.) Stacking modules makes a lot of sense, it may be tricky to order sensibly, now if you want the features of more than one LSM (including those being added to the kernel), you need to *copy* the parts you want. Since you can't use modules to load them, because that feature's been removed, you need to maintain your own kernel tree for it or submit your changes which will eventually end up with LSMs that all do the same thing... This static LSM doesn't even make sense to me - what happens if I select both SECURITY_CAPABILITIES and SECURITY_ROOTPLUG? I can't easily check because I'm using 2.6.23 - so I can still reload my module while changing it to have a better configuration interface. Kconfig doesn't look like it will prevent it. Surely the options should be a multiple choice menu? Adrian's mentioned people eager to write drivers - LSMs aren't drivers, there's really nothing to work from except "security module that does X" and for that people should develop what they want themselves. There's no reason for out of tree *GPL* drivers to not exist, is there? How much of the non-driver code that gets merged into the kernel exists first as out of tree modules, rather than direct patches to the tree itself? It was made much easier since 2.4 to compile a module out of tree using a simple Makefile. (Perhaps that should be removed too?) -- Simon Arlott - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists