|From:||James Morris <jmorris-AT-redhat.com>|
|To:||Kylene Hall <kjhall-AT-us.ibm.com>|
|Subject:||Re: [PATCH 1 of 4] ima: related TPM device driver interal kernel interface|
|Date:||Fri, 20 May 2005 10:56:20 -0400 (EDT)|
|Cc:||linux-kernel-AT-vger.kernel.org, Andrew Morton <akpm-AT-osdl.org>, <sailer-AT-us.ibm.com>, <yoder1-AT-us.ibm.com>, <toml-AT-us.ibm.com>, <emilyr-AT-us.ibm.com>, Chris Wright <chrisw-AT-osdl.org>|
Why are you using LSM for this? LSM should be used for comprehensive access control frameworks which significantly enhance or even replace existing Unix DAC security. We're going to end up with a proliferation of arbitrary security features lacking an overall architectural view (I've written about this before, see http://www.ussg.iu.edu/hypermail/linux/kernel/0503.1/0300...). I think it would be better to implement this directly. - James -- James Morris <firstname.lastname@example.org>
Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds