| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 31 Dec 2007 07:27:51 -0800 (PST) From: Casey Schaufler <casey@...aufler-ca.com> To: Valdis.Kletnieks@...edu, Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp> Cc: serue@...ibm.com, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: TOMOYO Linux Security Goal --- Valdis.Kletnieks@...edu wrote: > I'm pretty sure that most of the security community agrees on what "correct" > means - the disagreement is in the most cost-effective way to *create* one. Struth. (I'm practicing my Australian, it's gotten rusty) I say that the the only rational way to create a policy is to decide what you want the system to do and create your policy based on that. I think that calling something that does nothing more than enforce existing behavior without thought on what the behavior ought to be a "policy" does disservice to the entire security community. I realize that I'm in the minority on this one. Oh well. Casey Schaufler casey@...aufler-ca.com -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists