Re: [PATCH try #3] security: Convert LSM into a static interface

[Scott Preece]

On 7/19/07, James Morris <jmorris@xxxxxxxxx> wrote:
> On Thu, 19 Jul 2007, Serge E. Hallyn wrote:
>
> > If we could get a few (non-afilliated :) people who work with
> > customers in the security field to tell us whether this is being
> > used, that would be very helpful.  Not sure how to get that.
>
> The mainline kernel does not cater to out of tree code.

Please distinguish between "cater to" and "support". If the kernel
didn't worry about supporting out-of-tree code, then why would there
be loadable module at all?

Christian Ehrhardt already pointed to two reasons for loadable LSMs
that are sufficient to justify keeping them - so you can replace them
iteratively while you're developing them or choose between
alternatives.

Another twist is to use a tool to generate the module from a
policy-definition file; this could be done at boot-time or could be
done to replace the current policy on a running system (perhaps to add
a new domain corresponding to a newly added service). Yes, this would
need to be done with a lot of care, but part of providing mechanism
(rather than policy) is enabling people to use the mechanism in the
ways they prefer.

scott
--
scott preece
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/