Re: [PATCH] remove sys_security

From: Christoph Hellwig (
Date: Fri Oct 18 2002 - 10:18:28 EST

On Fri, Oct 18, 2002 at 11:14:14AM -0400, wrote:
> OK.. I'll grant that a lot of things done here are fixing the fact that
> there are some really fundamental botches in the Linux kernel, such as
> the fact that there isn't a long history of Posix-capability flavor
> separation (so processes need to start as root just so they can bind
> a low-number port - blech).
> Would fixing *ALL* of that history (and all the userspace crap that has
> grown on top of it) be *LESS* invasive/disruptive than what LSM does?

It would most certainly not be less invasive. But that's okay.
We want stuff fixed properly, not least invasive.

> Do you have a projected timeline of when this mythical "all the warts in the
> kernel are fixed and all the userspace cruft is cleaned up" world will happen?

It depends on how many people actually work on it..

> I'd like some sort of reasonable estimate, so I know whether this will be
> before or after I retire. (While we're at it, can we reverse the definition
> of the 'r' and 'x' permissions on directories, so 'umask 037' doesn't result
> in directories with borked permissions? I'm actually somewhat serious here -
> this is the sort of thing that will need to be cleaned up and fixed all over
> the place...)

I dount you can change the meaning of the mod bits ever. Adding something
like a umask for directories (dmask) might be possible, though.

> The part you're missing here is that the "fuzzy buzzword mechanism" is
> deployable *NOW*, and will provide *real benefits* *NOW*, rather than having
> to wait for the 2.7 or 3.1 or whatever kernel.

By messing up the kernel. Note that I don't want to steal you your
code - deploy it if you want, but don't harm the mainline kernel with it.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Wed Oct 23 2002 - 22:00:41 EST