Re: [AppArmor 00/45] AppArmor security module overview

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <jjohansen@...>

Cc: <akpm@...>, <linux-kernel@...>, <linux-security-module@...>

Subject: Re: [AppArmor 00/45] AppArmor security module overview

Date: Friday, October 26, 2007 - 10:37 am

On Thu, 25 Oct 2007 23:40:24 -0700
jjohansen@suse.de wrote:

before going into the LSM / security side of things, I'd like to get
the VFS guys to look at your VFS interaction code.

In addition, I'd like to ask you to put a file in Documentation/
somewhere that describes what AppArmor is intended security protection
is (it's different from SELinux for sure for example); by having such a
document for each LSM user, end users and distros can make a more
informed decision which module suits their requirements... and it also
makes it possible to look at the implementation to see if it has gaps
to the intent, without getting into a pissing contest about which
security model is better; but unless the security goals are explicitly
described that's a trap that will keep coming back... so please spend
some time on getting a good description going here..

-- 
If you want to reach me at my work email, use arjan@linux.intel.com
For development, discussion and tips for power savings, 
visit http://www.lesswatts.org
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[AppArmor 00/45] AppArmor security module overview, , (Fri Oct 26, 2:40 am)

Re: [AppArmor 00/45] AppArmor security module overview, Arjan van de Ven, (Fri Oct 26, 10:37 am)

Re: [AppArmor 00/45] AppArmor security module overview, Christoph Hellwig, (Sat Oct 27, 4:47 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Andreas Gruenbacher, (Sun Oct 28, 10:25 am)

Re: [AppArmor 00/45] AppArmor security module overview, Andreas Gruenbacher, (Fri Oct 26, 4:44 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Arjan van de Ven, (Fri Oct 26, 5:13 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Crispin Cowan, (Fri Oct 26, 6:16 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Arjan van de Ven, (Fri Oct 26, 6:23 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Andreas Gruenbacher, (Fri Oct 26, 5:24 pm)

Re: [AppArmor 00/45] AppArmor security module overview, John Johansen, (Fri Oct 26, 2:34 pm)

Re: [AppArmor 00/45] AppArmor security module overview, Arjan van de Ven, (Fri Oct 26, 4:15 pm)

Re: [AppArmor 00/45] AppArmor security module overview, John Johansen, (Fri Oct 26, 3:04 am)


linux-kernel:
Mike Galbraith	Re: regression: CD burning (k3b) went broke
Andi Kleen	[PATCH] [3/22] x86_64: Kill temp boot pmds
Alan Cox	Re: [PATCH][RFC] 4K stacks default, not a debug thing any more...?
Greg Kroah-Hartman	[PATCH 004/196] Chinese: add translation of SubmittingPatches
git:

openbsd-misc:

linux-netdev:
David Miller	[GIT]: Networking
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 05/37] dccp: Cleanup routines for feature negotiation
Brandeburg, Jesse	RE: [PATCH] e1000e: test MSI interrupts

Re: [AppArmor 00/45] AppArmor security module overview

Online users