[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080812192925.GC18034@infradead.org>
Date: Tue, 12 Aug 2008 15:29:25 -0400
From: Christoph Hellwig <hch@...radead.org>
To: Peter Dolding <oiaohm@...il.com>
Cc: "Serge E. Hallyn" <serue@...ibm.com>,
Mimi Zohar <zohar@...ibm.com>, serue@...ux.vnet.ibm.com,
Christoph Hellwig <hch@...radead.org>,
James Morris <jmorris@...ei.org>, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Randy Dunlap <randy.dunlap@...cle.com>, safford@...son.ibm.com,
sailer@...son.ibm.com, Stephen Smalley <sds@...ho.nsa.gov>,
Al Viro <viro@...iv.linux.org.uk>,
Mimi Zohar <zohar@...ux.vnet.ibm.com>
Subject: Re: [PATCH 3/4] integrity: Linux Integrity Module(LIM)
On Tue, Aug 12, 2008 at 06:41:16PM +1000, Peter Dolding wrote:
> We really do need to get credentials patch in to common store all this
> permission/secuirty data.. With a section for integrity related
> entries.
>
> Anti-Virus Passes and fails, signed running programs support and so on.
>
> Lot of different things need ways of recording integrity status's.
> Users also need to know if a application does not work is it TPM is it
> Anti-virus is it lack of signature.
Peter, please read up what the credentials patches do, or how struct
cred/ucred is used in SVR4 and BSD for the last 20 years. It is useful,
but it's not going to help with any of the strange thigns the AV or
Integrity people are doing.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists