(finally starting to make headway through this thread over a month late) Quoting Alan Cox ([EMAIL PROTECTED]): > > To reject an LSM for providing "bad" security, IMHO you should have to > > show how it is possible to subvert the self-stated goals of that LSM. > > Complaints that the LSM fails to meet some goal outside of its stated > > purpose is irrelevant. Conjecture that it probably can be violated > > because of $contrivance is just so much FUD. > > That seems to be an appropriate test. > > > Exception: it is valid to say that the self-stated goal is too narrow to > > be useful. But IMHO that bar of "too narrow" should be very, very low. > > Defenses against specific modes of attack would be a fine thing to build > > up in the library of LSMs, especially if we got a decent stacking module > > so that they could be composed. > > Once you have stacking then it actually at times will make sense to have > security modules that do one very precise thing and do it well.
Hey - I thought it was the other way around? :) -serge - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
