Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

!MAILaRCHIVE_VOTE_RePLACE
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
To: Peter Dolding <oiaohm@...>
Cc: <casey@...>, Toshiharu Harada <haradats@...>, Crispin Cowan <crispin@...>, <linux-kernel@...>, <linux-security-module@...>
Date: Monday, November 5, 2007 - 2:56 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter Dolding wrote:

For the record, I think you are both right. I took a stab at it back
when Casey and I first met:

ftp://ftp.kernel.org/pub/linux/libs/security/linux-privs/old/kernel-2.4-fcap/README

all that stuff worked fine it was just a bit ahead of its time...

- From memory, at that point in time "extended attributes" were an
external patch, and having some trouble getting merged. My sense was
that EA was a pre-requisite and I was happy to wait for that support to
become integrated before pushing my file capability support.

In the midst of all this LSM emerged as a reaction to Linus' clear
unhappiness about all extensions security. I didn't have the time to
participate in the LSM, and my work sat in the form of these patches.

SELinux at that time existed as a separate infrastructure, and evidently
did have the time to embrace LSM.


[...]

So, yes, IBM (Serge) deserve full credit for starting over, and getting
it merged...

Cheers

Andrew
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFHLr6EQheEq9QabfIRAsOrAJ9XzTL0Lqm5jaxwO6UoPB9Pwh3SzQCfVWFd
cPyjsGp/s6D6HuBE6M4NJH0=
=G/ah
-----END PGP SIGNATURE-----
-
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:
Re: Linux Security *Module* Framework (Was: LSM conversion t..., Andrew Morgan, (Mon Nov 5, 2:56 am)
Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Tue Nov 6, 11:35 pm)
Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Wed Nov 7, 12:34 am)
Re: Defense in depth: LSM *modules*, not a static interface, Casey Schaufler, (Tue Oct 30, 11:01 am)