Jump to content

Talk:Linux Security Modules

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by InternetArchiveBot (talk | contribs) at 21:42, 23 December 2017 (Notification of altered sources needing review #IABot (v1.6.1)). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
WikiProject iconLinux Start‑class Mid‑importance
WikiProject iconThis article is within the scope of WikiProject Linux, a collaborative effort to improve the coverage of Linux on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.LinuxWikipedia:WikiProject LinuxTemplate:WikiProject LinuxLinux
StartThis article has been rated as Start-class on Wikipedia's content assessment scale.
MidThis article has been rated as Mid-importance on the project's importance scale.
WikiProject iconComputing: Software / Security Start‑class Low‑importance
WikiProject iconThis article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing
StartThis article has been rated as Start-class on Wikipedia's content assessment scale.
LowThis article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software (assessed as Low-importance).
Taskforce icon
This article is supported by WikiProject Computer security (assessed as High-importance).
Things you can help WikiProject Computer security with:
Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...
  • Review importance and quality of existing articles
  • Identify categories related to Computer Security
  • Tag related articles
  • Identify articles for creation (see also: Article requests)
  • Identify articles for improvement
  • Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
  • Find editors who have shown interest in this subject and ask them to take a look here.

The repeated reverting

The repeated reverting of a single line between me and Tango is annoying.

Yes, an external citation for this factoid would be very nice. I have looked hard for such a citation, but can't find one. Probably because at the time Linus shipped Linux 2.6.0, he did not consider LSM to be worth noting.

None the less, it is manifestly true that LSM shipped with Linux 2.6.0 because it was there in 2.6.0, and was not there before in 2.4.

To take this line out, you have to conjecture that some other reeally strange thing happened, such that LSM was sneakily inserted into the Linux kernel at some other time, because it is definitely there now.

Crispincowan 07:50, 22 August 2007 (UTC)[reply]

Questionable sentence

"LSM avoids the approach of system call interposition as used in Systrace because it does not scale to multiprocessor kernels and is subject to TOCTTOU (race) attacks."

I think the term "to scale" is used incorrectly here. Multiprocessor systems require special treatment to prevent attacks using race-conditions but this has very little to do with scalability. Also I don't see a big difference between system-call interposition and the upcalls used by LSM. It's not the same but I really don't see how this is a different concept solving problems of the other. Likewise, the time-of-check-time-of-use issues in Systrace or similar solutions strike me rather as implementation problems than design flaws. I doubt that LSM is by design immune against TOCTTOU bugs. Also it seems that the author of systrace has already fixed the concurrency issues, if I understand correctly: http://systrace.org/index.php?/archives/14-Evading-System-Sandbox-Containment.html --217.87.127.4 (talk) 13:03, 1 February 2008 (UTC)[reply]

Hello fellow Wikipedians,

I have just modified one external link on Linux Security Modules. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 21:42, 23 December 2017 (UTC)[reply]

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Linux_Security_Modules&oldid=816812101"