From: "Dmitry V. Levin" <ldv@alt-linux.org> To: devel@altlinux.ru Subject: [devel] [crispin@WIREX.COM: Linux Security Module Interface] Date: Wed, 11 Apr 2001 11:52:13 +0400 Message-ID: <20010411115212.A3662@ldv.office.alt-linux.org> (raw) [-- Attachment #1: Type: text/plain, Size: 2428 bytes --] ----- Forwarded message from Crispin Cowan <crispin@WIREX.COM> ----- Date: Tue, 10 Apr 2001 17:04:12 -0700 From: Crispin Cowan <crispin@WIREX.COM> To: BUGTRAQ@SECURITYFOCUS.COM Subject: Linux Security Module Interface Organization: WireX Communications, Inc. One of the byproducts of the Linux 2.5 Kernel Summit http://lwn.net/2001/features/KernelSummit/ was the notion of an enhancement of the loadable kernel module interface to facilitate security-oriented kernel modules. The purpose is to ease the tension between folks (such as Immunix and SELinux) who want to add substantial security capabilities to the kernel, and other folks who want to minimize kernel bloat & have no use for such security extensions. Modules that can be loaded, or not, are the obvious solution, but the current LKM does not export sufficient hooks to support many security mechanisms. Thus many current security enhancements end up existing as kernel patches, which marginalizes their utility by making distribution problematic. The proposed solution is to enhance the LKM with a variety of new kernel elements exported to the module interface, so as to support a reasonable variety of security enhancements. We have started a new mailing list called linux-security-module. The charter is to design, implement, and maintain suitable enhancements to the LKM to support a reasonable set of security enhancement packages. The prototypical module to be produced would be to port the POSIX Privs code out of the kernel and make it a module. An essential part of this project will be that the resulting work is acceptable for the mainline Linux kernel. The list is open to all. You can subscribe here http://mail.wirex.com/mailman/listinfo/linux-security-module or by sending e-mail to linux-security-module-request@wirex.com with a subject of "subscribe". Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org ----- End forwarded message ----- Regards, Dmitry +-------------------------------------------------------------------------+ Dmitry V. Levin mailto://ldv@alt-linux.org ALT Linux Team http://www.altlinux.ru/ Fandra Project http://www.fandra.org/ +-------------------------------------------------------------------------+ UNIX is user friendly. It's just very selective about who its friends are. [-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]
next reply other threads:[~2001-04-11 7:52 UTC|newest] Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top 2001-04-11 7:52 Dmitry V. Levin [this message] 2001-04-11 8:02 ` [devel] инсталятор Kostya Timoshenko 2001-04-11 8:50 ` Stanislav Ievlev 2001-04-11 9:00 ` [devel] " Alexander Bokovoy 2001-04-11 9:27 ` [devel] " Alexander Bokovoy 2001-04-11 11:24 ` Dmitry V. Levin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20010411115212.A3662@ldv.office.alt-linux.org \ --to=ldv@alt-linux.org \ --cc=devel@altlinux.ru \ --cc=devel@linux.iplabs.ru \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
ALT Linux Team development discussions This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/devel/0 devel/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 devel devel/ http://lore.altlinux.org/devel \ devel@altlinux.org devel@altlinux.ru devel@lists.altlinux.org devel@lists.altlinux.ru devel@linux.iplabs.ru mandrake-russian@linuxteam.iplabs.ru sisyphus@linuxteam.iplabs.ru public-inbox-index devel Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.devel AGPL code for this site: git clone https://public-inbox.org/public-inbox.git