Re: grsecurity in 2.5?

Chris Wright (chris@wirex.com)
Mon, 21 Apr 2003 16:39:41 -0700


* Grzegorz Jaskiewicz (gj@pointblue.com.pl) wrote:

> Maybe we should start to bring them piece by piece, fe. PaX first and
> others.

PaX is an example of something that won't port to LSM. The grsecurity
MAC, RBAC, chroot restrictions, TPE are the types of things that would port
nicely.

> Question is not that will somebody do that, i am sure of that - grsec is
> needed in 2.4 - and it will be needed in 2.6. Question is, if it will be
> included in mainstream kernel release ?

I don't expect to see it in 2.6 mainline at all. The patch could be
reduced if some of the core access control logic was placed in an LSM.

thanks,
-chris

-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/