| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Apr 2008 11:40:59 -0400 From: Paul Moore <paul.moore@...com> To: Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp> Cc: akpm@...ux-foundation.org, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, Kentaro Takeda <takedakn@...data.co.jp>, Toshiharu Harada <haradats@...data.co.jp>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, linux-netdev <netdev@...r.kernel.org> Subject: Re: [TOMOYO #7 30/30] Hooks for SAKURA and TOMOYO. On Friday 04 April 2008 8:23:12 am Tetsuo Handa wrote: > This file contains modifications against kernel source code > needed to use TOMOYO Linux 1.6. > > Although LSM hooks are provided for performing access control, > TOMOYO Linux 1.6 doesn't use LSM because of the following reasons. Hello, I understand your frustration with the existing LSM hooks/API and your reasoning for abandoning LSM in favor of a new set of hooks, however, I think this sets a dangerous precedence which could result in an abundance of security related hooks scattered throughout the kernel. I would much rather see the LSM API extended/tweaked to support the needs of SAKURA and TOMOYO than ignored and duplicated; I suspect several others will say the same. You have made good progress with TOMOYO so far and if I can remember correctly you really only have one hurdle left, the VFS portion. Please continue to seek a solution to this that fits within the LSM framework. Thank you. -- paul moore linux @ hp -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists