Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

[Valdis . Kletnieks]

On Mon, 17 Apr 2006 22:26:24 BST, Alan Cox said:

> You can implement a BSD securelevel model in SELinux as far as I can see
> from looking at it, and do it better than the code today, so its not
> really a feature drop anyway just a migration away from some fossils

For a while, I had some LSM code that implemented a large chunk of the
OpenWall/PAX restrictions.  But it never stacked well with SELinux, and in
time the SELinux code got more expressive and allowed doing almost everything
that the OpenWall stuff did.

The best case I can make for it today is "somebody might want to harden the
box a little bit, but not have the resources (mostly liveware) to do SELinux".
On the other hand, that also can be read as "Cargo-cult security is better
than no security at all".

If somebody wants to carry that banner, they're welcome to it.  At this point,
I'd be willing to heave most of the LSM framework over the side as long as we
keep the right to add a new SELinux hook if we can defend its existence (see
the recent additions to allow SELinux mediation of network stuff as an example).

Attachment: pgp00000.pgp
Description: PGP signature