Re: Linux Security *Module* Framework (Was: LSM conversion to static interface) | KernelTrap

Re: Linux Security Module Framework (Was: LSM conversion to static interface)

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Chris Wright <chrisw@...>

To: Casey Schaufler <casey@...>

Cc: Adrian Bunk <bunk@...>, Simon Arlott <simon@...>, Chris Wright <chrisw@...>, <linux-kernel@...>, <linux-security-module@...>, Jan Engelhardt <jengelh@...>, Linus Torvalds <torvalds@...>, Andreas Gruenbacher <agruen@...>, Thomas Fricaccia <thomas_fricacci@...>, Jeremy Fitzhardinge <jeremy@...>, James Morris <jmorris@...>, Crispin Cowan <crispin@...>, Giacomo Catenazzi <cate@...>, Alan Cox <alan@...>

Subject: Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

Date: Wednesday, October 24, 2007 - 8:23 pm

* Casey Schaufler (casey@schaufler-ca.com) wrote:
quoted text> And don't give me the old "LKML is a tough crowd" feldercarb.
> Security modules have been much worse. Innovation, even in
> security, is a good thing and treating people harshly, even
> "for their own good", is an impediment to innovation.

I agree that innovation is critical to the success of Linux, and security
is not immune to that.  The trouble is that most of the security modules
that have come forward have had some real serious shortcomings.  I do
believe it is prudent to keep in-tree security sensitive code under
high scrutiny because we do not want to create security holes by adding
problematic security code.

thanks,
-chris
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: LSM conversion to static interface, Linus Torvalds, (Wed Oct 17, 10:18 pm)

Re: Re: LSM conversion to static interface, Crispin Cowan, (Sun Oct 21, 9:12 pm)

Re: LSM conversion to static interface, Andreas Gruenbacher, (Fri Oct 19, 4:26 pm)

Re: LSM conversion to static interface, James Morris, (Fri Oct 19, 5:07 pm)

Re: LSM conversion to static interface, Linus Torvalds, (Fri Oct 19, 4:40 pm)

Re: LSM conversion to static interface, Jan Engelhardt, (Sat Oct 20, 7:05 am)

Re: LSM conversion to static interface, James Morris, (Sat Oct 20, 6:57 pm)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 5:13 am)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Tue Oct 23, 12:09 am)

Re: LSM conversion to static interface [revert patch], James Morris, (Tue Oct 23, 12:56 am)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Tue Oct 23, 12:57 am)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 1:16 am)

Re: LSM conversion to static interface [revert patch], Jeremy Fitzhardinge, (Tue Oct 23, 8:31 pm)

Re: LSM conversion to static interface [revert patch], Arjan van de Ven, (Wed Oct 24, 1:06 am)

Linux Security *Module* Framework (Was: LSM conversion to st..., Simon Arlott, (Wed Oct 24, 7:50 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tetsuo Handa, (Sat Oct 27, 10:08 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Mon Nov 5, 2:42 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 8:55 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Wed Oct 24, 2:11 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 6:31 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tilman Schmidt, (Thu Oct 25, 7:09 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Thu Oct 25, 10:56 pm)

Out-of-tree modules [was: Linux Security *Module* Framework], Jan Engelhardt, (Mon Oct 29, 7:51 pm)

Re: Out-of-tree modules [was: Linux Security *Module* Framew..., Lee Revell, (Mon Oct 29, 8:46 pm)

Re: Out-of-tree modules [was: Linux Security *Module* Framew..., Jan Engelhardt, (Mon Oct 29, 9:19 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Tilman Schmidt, (Fri Oct 26, 5:46 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Fri Oct 26, 7:26 pm)

eradicating out of tree modules (was: : Linux Security *Modu..., Tilman Schmidt, (Sat Oct 27, 10:47 am)

Re: eradicating out of tree modules (was: : Linux Security *..., Adrian Bunk, (Sat Oct 27, 8:55 pm)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 2:51 pm)

Re: eradicating out of tree modules, Adrian Bunk, (Sun Oct 28, 3:25 pm)

Re: eradicating out of tree modules, Tilman Schmidt, (Mon Oct 29, 8:29 pm)

Re: eradicating out of tree modules, linux-os (Dick Johnson), (Tue Oct 30, 9:11 am)

Re: eradicating out of tree modules, Greg KH, (Tue Oct 30, 11:30 am)

Re: eradicating out of tree modules, Xavier Bestel, (Tue Oct 30, 9:19 am)

Re: eradicating out of tree modules, Stefan Richter, (Sun Oct 28, 5:25 am)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 8:01 am)

Re: eradicating out of tree modules, Stefan Richter, (Sun Oct 28, 10:37 am)

Re: eradicating out of tree modules, Tilman Schmidt, (Sun Oct 28, 12:55 pm)

Re: eradicating out of tree modules, Simon Arlott, (Sun Oct 28, 10:59 am)

Re: eradicating out of tree modules, Stefan Richter, (Sat Oct 27, 1:31 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Fri Oct 26, 11:58 am)

eradicating out of tree modules (was: Linux Security *Module..., Tilman Schmidt, (Sat Oct 27, 10:07 am)

Re: eradicating out of tree modules (was: Linux Security *Mo..., Adrian Bunk, (Sat Oct 27, 9:21 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Fri Oct 26, 12:32 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Fri Oct 26, 3:09 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Greg KH, (Fri Oct 26, 11:54 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Thu Oct 25, 7:44 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 6:58 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Chris Wright, (Wed Oct 24, 8:23 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 9:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Mon Oct 29, 11:23 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 4:40 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Tue Oct 30, 5:21 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Tue Oct 30, 4:50 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Tue Oct 30, 5:27 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Pavel Machek, (Sat Oct 27, 2:22 pm)

Re: Linux Security *Module* Framework, Tilman Schmidt, (Sun Oct 28, 3:42 pm)

Re: Linux Security *Module* Framework, Jan Engelhardt, (Sun Oct 28, 4:46 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Wed Oct 24, 8:35 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Bernd Petrovitsch, (Thu Oct 25, 5:19 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Thu Oct 25, 12:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Bernd Petrovitsch, (Tue Oct 30, 5:41 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Thu Oct 25, 1:10 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Wed Oct 24, 9:41 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Sun Oct 28, 6:08 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Mon Oct 29, 1:12 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Sun Oct 28, 7:55 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Sun Oct 28, 6:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Mon Nov 26, 4:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Ray Lee, (Thu Oct 25, 2:17 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Pavel Machek, (Sat Oct 27, 2:29 pm)

RE: Linux Security *Module* Framework (Was: LSM conversion t..., Hua Zhong, (Sun Oct 28, 3:05 pm)

RE: Linux Security *Module* Framework (Was: LSM conversion t..., Hua Zhong, (Sun Oct 28, 2:48 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Alan Cox, (Thu Oct 25, 6:21 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Thu Oct 25, 11:45 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Fri Oct 26, 1:44 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Wed Oct 24, 10:11 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Peter Dolding, (Wed Oct 24, 9:26 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Adrian Bunk, (Wed Oct 24, 7:32 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Linus Torvalds, (Wed Oct 24, 7:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Chris Wright, (Wed Oct 24, 8:41 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Toshiharu Harada, (Mon Oct 29, 11:37 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Arjan van de Ven, (Wed Oct 24, 10:19 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 9:03 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 2:51 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Crispin Cowan, (Wed Oct 24, 4:18 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 4:46 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 5:29 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Wed Oct 24, 2:59 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 3:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 5:02 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Simon Arlott, (Thu Oct 25, 7:38 am)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Casey Schaufler, (Wed Oct 24, 5:58 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 6:04 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 5:42 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Serge E. Hallyn, (Wed Oct 24, 5:37 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Kyle Moffett, (Wed Oct 24, 11:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., , (Wed Oct 24, 9:50 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 5:51 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., David P. Quigley, (Wed Oct 24, 6:02 pm)

Re: Linux Security *Module* Framework (Was: LSM conversion t..., Jan Engelhardt, (Wed Oct 24, 7:13 pm)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 8:32 pm)

Re: LSM conversion to static interface [revert patch], Jan Engelhardt, (Tue Oct 23, 5:10 am)

Re: LSM conversion to static interface [revert patch], Chris Wright, (Tue Oct 23, 5:13 am)

Re: LSM conversion to static interface [revert patch], Jan Engelhardt, (Tue Oct 23, 5:14 am)

Re: LSM conversion to static interface, Adrian Bunk, (Sun Oct 21, 6:59 pm)

Re: LSM conversion to static interface, Giacomo Catenazzi, (Tue Oct 23, 1:44 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 4:55 am)

Re: LSM conversion to static interface, Serge E. Hallyn, (Tue Oct 23, 11:20 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 11:28 am)

Re: LSM conversion to static interface, Serge E. Hallyn, (Tue Oct 23, 11:34 am)

Re: LSM conversion to static interface, , (Thu Oct 25, 6:23 am)

Re: LSM conversion to static interface, Giacomo A. Catenazzi, (Tue Oct 23, 5:14 am)

Re: LSM conversion to static interface, Jan Engelhardt, (Tue Oct 23, 5:18 am)

Navigation

Popular discussions


linux-kernel:
James Bottomley	[Ksummit-2008-discuss] Fixing the Kernel Janitors project
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Tarkan Erimer	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
David Miller	Slow DOWN, please!!!
git:

linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
David Miller	Re: iptables very slow after commit 784544739a25c30637397ace5489eeb6e15d7d49
openbsd-misc:

Colocation donated by:

Who's online

There are currently 0 users and 633 guests online.

Syndicate