Re: [PATCH] ptrace: allow restriction of ptrace scope

From: Theodore Tso
Date: Fri Jun 18 2010 - 06:55:37 EST

Next message: Sergei Shtylyov: "Re: [PATCH] MAINTAINERS: some Atmel drivers change maintainer"
Previous message: Ingo Molnar: "Re: [RFC 1/3] Unified NMI delayed call mechanism"
In reply to: Casey Schaufler: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Next in thread: Eric W. Biederman: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

i think we really need to have stacked LSM's, because there is a large set
of people who will never use SELinux. Every few years, I take another
look at SELinux, my head explodes with the (IMHO unneeded complexity),
and I go away again...

Yet I would really like a number of features such as this ptrace scope idea ---
which I think is a useful feature, and it may be that stacking is the only
way we can resolve this debate. The SELinux people will never believe that
their system is too complicated, and I don't like using things that are impossible
for me to understand or configure, and that doesn't seem likely to change anytime
in the near future.

I mean, even IPSEC RFC's are easier for me to understand, and that's saying
a lot...

-- Ted

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Sergei Shtylyov: "Re: [PATCH] MAINTAINERS: some Atmel drivers change maintainer"
Previous message: Ingo Molnar: "Re: [RFC 1/3] Unified NMI delayed call mechanism"
In reply to: Casey Schaufler: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Next in thread: Eric W. Biederman: "Re: [PATCH] ptrace: allow restriction of ptrace scope"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]