| To: | jmorris@xxxxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8) |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Thu, 30 Jan 2003 15:25:58 -0800 (PST) |
| Cc: | kuznet@xxxxxxxxxxxxx, netdev@xxxxxxxxxxx, linux-security-module@xxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.44.0301311017140.31802-100000@xxxxxxxxxxxxxxxxxxxxxxxxxx> |
| References: | <Pine.LNX.4.44.0301311010580.31382-100000@xxxxxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.44.0301311017140.31802-100000@xxxxxxxxxxxxxxxxxxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
No, no, and no. This stuff will not pass. There is no way in hell we're going to insert this security crap into the actual protocol implementations. I was right in seeing this as a virus that will eventually infect the whole tree. None of these security modules should know jack anything about open requests and other TCP internals. This stuff is totally unmaintainable garbage. And I do not want to hear "well how can we implement xxx which we need for yyy" because it isn't my problem that you can't figure out a clean way to do this stuff. Linus would similarly barf if he was given a patch that added hooks like "security_ext2_foo()". I totally reject this networking security stuff for 2.6.x |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] LSM networking: netlink hooks for 2.5.59 (6/8), David S. Miller |
|---|---|
| Next by Date: | Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8), James Morris |
| Previous by Thread: | [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8), James Morris |
| Next by Thread: | Re: [PATCH] LSM networking: tcp hooks for 2.5.59 (8/8), James Morris |
| Indexes: | [Date] [Thread] [Top] [All Lists] |