Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 3 Jun 2017 18:22:31 +0200
From: Solar Designer <>
To: Greg KH <>
Cc: Matt Brown <>,
Subject: Re: [PATCH v1 1/1] Add Trusted Path Execution as a stackable LSM

On Sat, Jun 03, 2017 at 05:59:20PM +0200, Greg KH wrote:
> But for those systems, and this feature as well, can't a "simple"
> apparmor policy do the exact same thing?  Also, I'm sure the SELinux can
> do this as well, but I don't know the config language there as well.
> So I think this is already a feature that is supported, it just takes a
> bit more configuration work on the admin.

Yes, that's "a bit" more effort up to the point where almost(?) no one
would bother.  Sometimes simple features can reasonably co-exist with
more general frameworks that could also be used to achieve the effect.
So I don't view this as a sufficiently good argument against TPE as a
feature on its own.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.