lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.00.0903271146560.11179@tundra.namei.org>
Date:	Fri, 27 Mar 2009 11:51:31 +1100 (EST)
From:	James Morris <jmorris@...ei.org>
To:	Pavel Machek <pavel@....cz>
cc:	kernel list <linux-kernel@...r.kernel.org>,
	linux-security-module@...r.kernel.org
Subject: Re: TOMOYO in linux-next

On Fri, 27 Mar 2009, Pavel Machek wrote:

> > > Security should be doable
> > > without making shell-like glob matching...
> > 
> > The TOMOYO developers have already responded to your feedback on this 
> > issue.  It's also an inherent aspect of pathname security, an issue which 
> > has been resolved in favour of inclusion in the kernel.
> 
> Do you have any references? My memory claims otherwise on this.

Al Viro merged the LSM pathname hooks.

> > As for the rest of the feedback, please work with the developers to fix 
> > any bugs or lack of documentation.
> 
> Which brings a question: given that kernel<->user interface is
> undocumented, how was this reviewed?

By 15 iterative posts to lkml and LSM, with extensive discussion and 
feedback, as well as presentations by the TOMOYO developers at various 
conferences around the world.



- James
-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ