From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Dmitry V. Levin" To: devel@altlinux.ru Message-ID: <20010411115212.A3662@ldv.office.alt-linux.org> Mail-Followup-To: devel@altlinux.ru Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="J2SCkAp4GZ/dPZZf" Content-Disposition: inline X-fingerprint: 9658 398D 181B 1200 8FC5 26B8 F6F8 846B C1E2 3429 Subject: [devel] [crispin@WIREX.COM: Linux Security Module Interface] Sender: devel-admin@linux.iplabs.ru Errors-To: devel-admin@linux.iplabs.ru X-BeenThere: devel@linux.iplabs.ru X-Mailman-Version: 2.0 Precedence: bulk Reply-To: devel@linux.iplabs.ru List-Help: List-Post: List-Subscribe: , List-Id: IPLabs Linux Team Developers mailing list List-Unsubscribe: , List-Archive: X-Original-Date: Wed, 11 Apr 2001 11:52:13 +0400 Date: Wed, 11 Apr 2001 11:52:13 +0400 Archived-At: List-Archive: List-Post: --J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ----- Forwarded message from Crispin Cowan ----- Date: Tue, 10 Apr 2001 17:04:12 -0700 From: Crispin Cowan To: BUGTRAQ@SECURITYFOCUS.COM Subject: Linux Security Module Interface Organization: WireX Communications, Inc. One of the byproducts of the Linux 2.5 Kernel Summit http://lwn.net/2001/features/KernelSummit/ was the notion of an enhancement of the loadable kernel module interface to facilitate security-oriented kernel modules. The purpose is to ease the tension between folks (such as Immunix and SELinux) who want to add substantial security capabilities to the kernel, and other folks who want to minimize kernel bloat & have no use for such security extensions. Modules that can be loaded, or not, are the obvious solution, but the current LKM does not export sufficient hooks to support many security mechanisms. Thus many current security enhancements end up existing as kernel patches, which marginalizes their utility by making distribution problematic. The proposed solution is to enhance the LKM with a variety of new kernel elements exported to the module interface, so as to support a reasonable variety of security enhancements. We have started a new mailing list called linux-security-module. The charter is to design, implement, and maintain suitable enhancements to the LKM to support a reasonable set of security enhancement packages. The prototypical module to be produced would be to port the POSIX Privs code out of the kernel and make it a module. An essential part of this project will be that the resulting work is acceptable for the mainline Linux kernel. The list is open to all. You can subscribe here http://mail.wirex.com/mailman/listinfo/linux-security-module or by sending e-mail to linux-security-module-request@wirex.com with a subject of "subscribe". Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org ----- End forwarded message ----- Regards, Dmitry +-------------------------------------------------------------------------+ Dmitry V. Levin mailto://ldv@alt-linux.org ALT Linux Team http://www.altlinux.ru/ Fandra Project http://www.fandra.org/ +-------------------------------------------------------------------------+ UNIX is user friendly. It's just very selective about who its friends are. --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE61A0s9viEa8HiNCkRAu8FAJ40U2VAkMolDimQ1y/1mDf5/WaekwCeIWNb kfSZb6xliGTAneC0/mkl9R4= =VBFD -----END PGP SIGNATURE----- --J2SCkAp4GZ/dPZZf-- _______________________________________________ Devel mailing list Devel@linux.iplabs.ru http://www.logic.ru/mailman/listinfo/devel