[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4726E498.5060402@ii.net>
Date: Tue, 30 Oct 2007 16:00:24 +0800
From: Cliffe <cliffe@...net>
To: Al Viro <viro@....linux.org.uk>
CC: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: Defense in depth: LSM *modules*, not a static interface
Al Viro wrote:
> On Tue, Oct 30, 2007 at 03:14:33PM +0800, Cliffe wrote:
>
>> Defense in depth has long been recognised as an important secure design
>> principle. Security is best achieved using a layered approach.
>>
>
> "Layered approach" is not a magic incantation to excuse any bit of snake
> oil. Homeopathic remedies might not harm (pure water is pure water),
> but that's not an excuse for quackery. And frankly, most of the
> "security improvement" crowd sound exactly like woo-peddlers.
>
I agree completely; but layers that provide actual security improvements
are important.
--
Z. Cliffe Schreuders
BSc Comp Sci (Hons) & Int Comp
PhD Candidate, Casual Tutor
School of IT
Murdoch University
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists