Linus: Security is "people wanking around with their opinions"
James Morris
jmorris at namei.org
Fri Nov 9 09:07:23 EST 2007
On Tuesday 02 Oct 2007 09:28:09 -0700 Peter Gutmann wrote:
> [Linus quote...]
> So the difference between them is simple: one is 'hard science'. The
> is 'people wanking around with their opinions'."
Just to clarify: this line of discussion arose from my advocacy of the
Linux kernel having a flexible, designed, analyzable and cohesive access
control framework, rather than the semantically weak pile o' hooks
provided by LSM.
Here's my posting which set Linus off, which itself is a brief summary of
already discussed points:
http://kerneltrap.org/mailarchive/linux-kernel/2007/10/1/326293
This is not to argue with Linus' point here (which was tangential), just
to clarify the context, which I suspect may also be of interest to Peter
(at least), as I've been reading his work on the need for properly
designed cryptographic architecture rather than e.g. simple APIs.
Unfortunately, there's some very long standing and entrenched confusion
over SELinux: that it is a specific access control model, rather than an
architecture. This is somewhat our fault for not demonstrating this
concept, and only explaining it, which may be a good lesson for others :-)
- James
--
James Morris
<jmorris at namei.org>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list