--- Peter Dolding <[EMAIL PROTECTED]> wrote:
> Lets end the bitrot. Start having bits go into the main OS security > features where they should be. Gawd. Sorry, but we lost that argument in 1986 and the situation hasn't changed a bit since. Most people just don't want what we're selling. Do you know why Unix was a success and MULTICS* a failure? It's because Unix had mode bits and MULTICS had ACLs. Fortunately for those of us who wear titles like "Security Expert" or "Trust Technologist" with pride there are enough clinical paranoids in positions of authority to keep the Trusted System niche from closing up completely and hence supporting our Rock Star Lifestyles. The good news is that the situation is no worse than that faced by the people who are bringing you Infiniband or Itanium, neither of which will ever be the life of the party either. Sure security is important, but I learned (in college, and yes they had colleges way back then) not to drink too much at parties I'd crashed. LSM isn't all I want it to be either, but it's better than I ever got in the Proprietary OS world, and that includes when the MLS systems were bringing in $20million a pop. Trying to force features that virtually no one wants into any system is a bad idea. If you haven't read Man of LaMancha I strongly suggest you do so. Or at least see the play, it's got some catchy songs. ----- * If you don't know what MULTICS was you can buy me a beer and I'll tell you the whole story Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html