Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

From: Valdis . Kletnieks
Date: Sun Apr 23 2006 - 05:48:06 EST


On Sat, 22 Apr 2006 13:52:57 PDT, Ken Brush said:
> That sysadmins are not sophisticated enough to properly configure the
> MAC systems AppArmor and SELinux effectively?

We know they're usually not. There are a *few* that have a clue, but most
don't. And as the Linux market grows, we're going to have more and more Linux
sysadmins with less than a year's experience...

> Or that people who use
> AppArmor are not likely to put careful thought into the policies that
> they use?

They're not likely to put careful thought into it, *AND* that saying things
like "AppArmor is so *simple* to configure" only makes things worse - this
encourages unqualified people to create broken policy configurations.

I have no problem with "handles a lot of the grunt work so an
expert can write policy quicker" - there's people working on policy
editors for SELinux that address this as well. It is however a disservice
to conflate this with "makes it easy for non-experts to write policy". Yes,
they may be able to "write policy" easily. The question is whether it
enables them to "write *correct* policy" (easily, or at all).....
