Stacking modules makes a lot of sense, it may be tricky to order sensibly,
now if you want the features of more than one LSM (including those being
added to the kernel), you need to *copy* the parts you want. Since you
can't use modules to load them, because that feature's been removed, you
need to maintain your own kernel tree for it or submit your changes which
will eventually end up with LSMs that all do the same thing...
This static LSM doesn't even make sense to me - what happens if I select
both SECURITY_CAPABILITIES and SECURITY_ROOTPLUG? I can't easily check
because I'm using 2.6.23 - so I can still reload my module while changing
it to have a better configuration interface. Kconfig doesn't look like it
will prevent it. Surely the options should be a multiple choice menu?
Adrian's mentioned people eager to write drivers - LSMs aren't drivers,
there's really nothing to work from except "security module that does X"
and for that people should develop what they want themselves.
There's no reason for out of tree *GPL* drivers to not exist, is there?
How much of the non-driver code that gets merged into the kernel exists
first as out of tree modules, rather than direct patches to the tree
itself? It was made much easier since 2.4 to compile a module out of tree
using a simple Makefile. (Perhaps that should be removed too?)
--
Simon Arlott
-
