Re: LSM conversion to static interface [LWN.net]

From:		Linus Torvalds <torvalds-AT-linux-foundation.org>
To:		Andreas Gruenbacher <agruen-AT-suse.de>
Subject:		Re: LSM conversion to static interface
Date:		Fri, 19 Oct 2007 13:40:07 -0700 (PDT)
Message-ID:		<alpine.LFD.0.999.0710191336250.26902@woody.linux-foundation.org>
Cc:		Thomas Fricaccia <thomas_fricacci-AT-yahoo.com>, linux-kernel-AT-vger.kernel.org
Archive-link:		Article, Thread

On Fri, 19 Oct 2007, Andreas Gruenbacher wrote:
> 
> Non-trivial modules (i.e., practically everything beyond capabilities) become 
> effective only after loading policy, anyway. If you can load policy, you can 
> as well first load a security module without making the system insecure.

I'd like to note that I asked people who were actually affected, and had 
examples of their real-world use to step forward and explain their use, 
and that I explicitly mentioned that this is something we can easily 
re-visit.

But I also note that you did no such thing, neither has anybody else.

The fact is, security people *are* insane. You just argue all the time, 
instead fo doing anything productive. So please don't include me in the Cc 
on your insane arguments - instead do something productive and I'm 
interested.

Ok? That was the whole point of LSM in the first place. I'm *not* 
interested in getting roped into your insane arguments. I'm interested in 
moving forward and having real examples of real use and code. Until then, 
this issue is closed. I thought I had made that clear already, but 
apparently not clear enough.

So I repeat: we can undo that commit, but I will damn well not care one 
whit about yet another pointless security model flamewar.

		Linus

(Log in to post comments)