[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LFD.2.00.1003081516300.3669@localhost.localdomain>
Date: Mon, 8 Mar 2010 15:21:04 -0800 (PST)
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Eric Paris <eparis@...isplace.org>
cc: Ulrich Drepper <drepper@...il.com>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
Ingo Molnar <mingo@...e.hu>, James Morris <jmorris@...ei.org>,
linux-kernel@...r.kernel.org, Kyle McMartin <kyle@...artin.ca>,
Alexander Viro <viro@....linux.org.uk>
Subject: Re: Upstream first policy
On Mon, 8 Mar 2010, Eric Paris wrote:
>
> answering a different post in the same email: I accept "THERE ARE
> DIFFERENT CASES." You go on to say "So I'm not suggesting we
> _replace_ content-based security with pathname-based security. I'm
> just saying that pathnames actually do matter for security, and that
> they are an independent issue." But what you are suggesting is
> EXACTLY that our users should _replace_ content-based security with
> pathname-based security when they have to boot with security=TOMOYO
> instead of security=SMACK.
No.
Because we already _have_ content-based security. The traditional UNIX
model is all about "labeling", ie the inode-based security.
The fact that the extended security is then using something else in Tomoyo
or AppArmor doesn't remove the traditional security model.
Again, your whole email is just "assuming" that selinux is the thing to
be. No logic to your post at all. If you are using a AppArmor-based thing,
you're not "switching" from SELinux to AppArmor. You're just using it.
Get it? The Ubuntu people seem to be happy with AppArmor. Deal with it.
SELinux isn't the end-all and be-all of everything.
Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists