Re: secure computing for 2.6.7

From: Stephen Smalley
Date: Tue Aug 03 2004 - 07:42:54 EST

Next message: viro: "Re: [PATCH 1/5] Add sysfs_dirent to sysfs dentry"
Previous message: Pasi Sjoholm: "Re: ksoftirqd uses 99% CPU triggered by network traffic (maybeRLT-8139 related)"
In reply to: V13: "Re: secure computing for 2.6.7"
Next in thread: Alexander Lyamin: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2004-07-07 at 15:27, Hans Reiser wrote:
> Am I right to think that this could complement nicely our plans
> described at www.namesys.com/blackbox_security.html

Hi Hans,

Out of curiosity, what do you think that this proposal will achieve that
cannot already be done via SELinux policy? SELinux policy can already
express access rules based not only on the executable and user, but even
the entire call chain that led to a given executable.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: viro: "Re: [PATCH 1/5] Add sysfs_dirent to sysfs dentry"
Previous message: Pasi Sjoholm: "Re: ksoftirqd uses 99% CPU triggered by network traffic (maybeRLT-8139 related)"
In reply to: V13: "Re: secure computing for 2.6.7"
Next in thread: Alexander Lyamin: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]