| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070625143222.GA11997@vino.hallyn.com> Date: Mon, 25 Jun 2007 09:32:22 -0500 From: "Serge E. Hallyn" <serge@...lyn.com> To: Casey Schaufler <casey@...aufler-ca.com> Cc: "Serge E. Hallyn" <serge@...lyn.com>, James Morris <jmorris@...ei.org>, linux-security-module@...r.kernel.org, Chris Wright <chrisw@...s-sol.org>, Andrew Morgan <agm@...gle.com>, Andrew Morton <akpm@...gle.com>, Stephen Smalley <sds@...ho.nsa.gov>, lkml <linux-kernel@...r.kernel.org>, Arjan van de Ven <arjan@...radead.org>, Greg KH <greg@...ah.com>, Eric Paris <eparis@...hat.com> Subject: Re: [PATCH][RFC] security: Convert LSM into a static interface Quoting Casey Schaufler (casey@...aufler-ca.com): > > --- "Serge E. Hallyn" <serge@...lyn.com> wrote: > > > Quoting James Morris (jmorris@...ei.org): > > > Convert LSM into a static interface, as the ability to unload a security > > > module is not required by in-tree users and potentially complicates the > > > overall security architecture. > > > > > > Needlessly exported LSM symbols have been unexported, to help reduce API > > > abuse. > > > > > > Module parameters for the capability and root_plug modules have been > > > converted to kernel parameters. > > > > > > The SECURITY_FRAMEWORK_VERSION macro has also been removed. > > > > Sigh, as much as I would *like* to stay out of this (I don't > > use modules at all on any system where I can avoid it), won't > > it make development - and especially testing - of new lsms > > much more painful and therefore less likely? > > While there's lots of pain involved in developing an LSM > modern development environments (e.g. virtual machines) > have reduced the value of loadable modules for debug purposes. > > > I realize there has been a dearth of new LSMs to date, > > but so much excitment over those proposed! > > > but if > > for instance a new solaris 10 based capability module were written, > > well, people would want to be able to > > > > rmmod capability > > modprobe cap_prm > > I think the value is overrated. You would never want to do that > in a production environment, and in a debug environment you could > just as easily reboot and get some start-up testing out of the way. And in a development environment you can just as easily select CONFIG_XYZ=y, no? So we have two options, one which provides greater choice and flexibility. -serge - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists