Re: Linux Security *Module* Framework (Was: LSM conversion to staticinterface)

[Linus Torvalds]

On Thu, 25 Oct 2007, Adrian Bunk wrote:
> 
> What I'm giving you is "Linus has decreed there can be LSMs other than 
> SELinux."
> 
> Getting LSMs included should no longer be harder than for other 
> parts of the kernel.

Well, despite my heart-felt feelings that we should support different 
people in trying out different things, one of the issues is also that I'm 
obviously not myself a security person. I can "decree" all I want, but in 
the end, I really want the people *involved* to merge security stuff. 

Right now Chris Wrigt is the documented maintainer for LSM, and quite 
frankly, I do not want to take it over. I really really really hope that
people that are interested in security can work this thing out, and my 
only requirement is that it doesn't end up being any kind of force-feeding 
of opinions and ideas, since clearly there is tons of room for 
disagreement in the area..

Do other people want to stand up and be "LSM maintainers" in the sense 
that they also end up being informed members who can also stand up for new 
modules and help merge them, rather than just push the existing one(s)? 
Chris? Casey? Crispin?

[ Ie there's the "core LSM hooks" on one side, but there's also the "what 
  modules make any sense at all to merge?" on the other, and I really 
  don't have the expertise to make any sensible judgements except for the 
  pure "process" judgement that we should not hardcode things to just one 
  module! ]

		Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/