Message-ID: <697420.13474.qm@web36613.mail.mud.yahoo.com>
Date: Tue, 30 Oct 2007 08:01:31 -0700 (PDT)
From: Casey Schaufler <casey@...aufler-ca.com>
To: Crispin Cowan <crispin@...spincowan.com>,
Al Viro <viro@....linux.org.uk>
Cc: Cliffe <cliffe@...net>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org
Subject: Re: Defense in depth: LSM *modules*, not a static interface

--- Crispin Cowan <crispin@...spincowan.com> wrote:
> Al Viro wrote:
> > On Tue, Oct 30, 2007 at 03:14:33PM +0800, Cliffe wrote:
> >
> >> Defense in depth has long been recognised as an important secure design
> >> principle. Security is best achieved using a layered approach.
> >>
> > "Layered approach" is not a magic incantation to excuse any bit of snake
> > oil. Homeopathic remedies might not harm (pure water is pure water),
> > but that's not an excuse for quackery. And frankly, most of the
> > "security improvement" crowd sound exactly like woo-peddlers.
> >
> Frank's point was that the static interface makes layering somewhere
> between impractical and impossible. The static interface change should
> be dumped so that layering is at least possible. Whether any given
> security module is worth while is a separate issue.
>
> I.e. that there are bad medicines around is a poor excuse to ban
> syringes and demand that everyone be born with a strong immune system.
>
> Why is it that security flame wars always end up reasoning with absurd
> analogies? :-)

That's my fault, sorry. I don't know why it's my fault,
but that's where it usually ends up and I thought I'd get
the blame bit out of the way. Gotta go squeeze some legless
reptiles now.

Casey Schaufler
casey@...aufler-ca.com