Some well-respected contributors have taken exception my amplification
of Crispin Cowan's point about the patch that closes LSM.
Crispin Cowan <[EMAIL PROTECTED]> wrote:
> * It prevents enterprise users, and in fact anyone who isn't
> comfortable compiling their own kernel, from ever try
Yes, I think Crispin has succinctly summed it up: irrevocably closing
the LSM prevents commercial customers from using security modules other
than that provided by their Linux distributor. As Sarbanes-Oxley and
other regulatory laws require these customers to use "standard
kernels", the result is
Like many of us who earn a good living with Linux (for over a decade now) and
follow the kernel developer discussions with waxing and waning interest
depending on topic, I noticed James Morris' proposal to eliminate the LSM in
favor of ordaining SELinux as THE security framework forever and amen
3 matches
Mail list logo