User: Password:
|
|
Subscribe / Log in / New account

Re: [PATCH 1 of 4] ima: related TPM device driver interal kernel interface

From:  James Morris <jmorris-AT-redhat.com>
To:  Kylene Hall <kjhall-AT-us.ibm.com>
Subject:  Re: [PATCH 1 of 4] ima: related TPM device driver interal kernel interface
Date:  Fri, 20 May 2005 10:56:20 -0400 (EDT)
Cc:  linux-kernel-AT-vger.kernel.org, Andrew Morton <akpm-AT-osdl.org>, <sailer-AT-us.ibm.com>, <yoder1-AT-us.ibm.com>, <toml-AT-us.ibm.com>, <emilyr-AT-us.ibm.com>, Chris Wright <chrisw-AT-osdl.org>
Archive-link:  Article, Thread

Why are you using LSM for this?

LSM should be used for comprehensive access control frameworks which 
significantly enhance or even replace existing Unix DAC security.

We're going to end up with a proliferation of arbitrary security features 
lacking an overall architectural view (I've written about this before, 
see http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/0300...).

I think it would be better to implement this directly.



- James
-- 
James Morris
<jmorris@redhat.com>




(Log in to post comments)


Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds