| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Nov 2016 10:51:44 -0800
From: John Johansen <john.johansen@...onical.com>
To: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
linux-security-module@...r.kernel.org
Cc: linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/8] CaitSith LSM module
On 11/22/2016 10:31 PM, Tetsuo Handa wrote:
> Tetsuo Handa wrote:
>> John Johansen wrote:
>>>> In order to minimize the burden of reviewing, this patchset implements
>>>> only functionality of checking program execution requests (i.e. execve()
>>>> system call) using pathnames. I'm planning to add other functionalities
>>>> after this version got included into mainline. You can find how future
>>>> versions of CaitSith will look like at http://caitsith.osdn.jp/ .
>>>>
>>> Thanks I've started working my way through this, but it is going to take
>>> me a while.
>>>
>>
>> Thank you for your time.
>
> May I hear the status? Is there something I can do other than waiting?
>
progressing very slowly, I have some time over the next few days as its a
long weekend here in the US some hopefully I can finish this up
> I wrote a full manual for this patchset as http://caitsith.osdn.jp/index2.html .
thanks
> Does anybody have fundamental objection against CaitSith?
>
I don't have any objections to CaitSith, but I do worry about the
maintenance of Tomoyo. It feels like there should be a better migration
path for Tomoyo users to CaitSith so that you only have to maintain one
of them.
Powered by blists - more mailing lists