lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 28 Oct 2007 14:59:57 +0000
From:	Simon Arlott <simon@...e.lp0.eu>
To:	Stefan Richter <stefanr@...6.in-berlin.de>
CC:	Tilman Schmidt <tilman@...p.cc>, Adrian Bunk <bunk@...nel.org>,
	Greg KH <greg@...ah.com>, Chris Wright <chrisw@...s-sol.org>,
	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	Jan Engelhardt <jengelh@...putergmbh.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andreas Gruenbacher <agruen@...e.de>,
	Thomas Fricaccia <thomas_fricacci@...oo.com>,
	Jeremy Fitzhardinge <jeremy@...p.org>,
	James Morris <jmorris@...ei.org>,
	Crispin Cowan <crispin@...spincowan.com>,
	Giacomo Catenazzi <cate@...ian.org>,
	Alan Cox <alan@...rguk.ukuu.org.uk>
Subject: Re: eradicating out of tree modules

On 28/10/07 14:37, Stefan Richter wrote:
> Tilman Schmidt wrote:
>> Am 28.10.2007 10:25 schrieb Stefan Richter:
>>> You two are hypothesizing.
>> 
>> No, we're not. We're discussing the very real issue of whether
>> LSM should be amputated in such a way as to make life difficult
>> for out of tree security module developers.
> 
> I still believe you are.  From what I understood, the API change had
> technical reasons.  (What I have read is that using security modules in
> the form of loadable and unloadable kernel modules didn't make sense.)

Stacking modules makes a lot of sense, it may be tricky to order sensibly, 
now if you want the features of more than one LSM (including those being 
added to the kernel), you need to *copy* the parts you want. Since you 
can't use modules to load them, because that feature's been removed, you 
need to maintain your own kernel tree for it or submit your changes which 
will eventually end up with LSMs that all do the same thing...

This static LSM doesn't even make sense to me - what happens if I select 
both SECURITY_CAPABILITIES and SECURITY_ROOTPLUG? I can't easily check 
because I'm using 2.6.23 - so I can still reload my module while changing 
it to have a better configuration interface. Kconfig doesn't look like it 
will prevent it. Surely the options should be a multiple choice menu?


Adrian's mentioned people eager to write drivers - LSMs aren't drivers, 
there's really nothing to work from except "security module that does X" 
and for that people should develop what they want themselves.

There's no reason for out of tree *GPL* drivers to not exist, is there?
How much of the non-driver code that gets merged into the kernel exists 
first as out of tree modules, rather than direct patches to the tree 
itself? It was made much easier since 2.4 to compile a module out of tree 
using a simple Makefile. (Perhaps that should be removed too?)

-- 
Simon Arlott
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists