[redhat-lspp] LSPP Development Telecon 10/16/2006 Minutes

Venkat Yekkirala vyekkirala at trustedcs.com
Thu Oct 19 17:32:43 UTC 2006 

> NOTE: I've added Josh and Chris from Tresys to this thread as 
> I don't believe
> they are subscribed to the LSPP list and may not have seen this email.

I know Josh did, since he mentioned it in his email to me yesterday.

> > - No new field will be added to the skb.  If you need to 
> encode multiple 
> > things on secmark, do it internally (as I've suggested a 
> couple of times).

I am not sure encoding multiple secids on the secmark is feasible
or desirable. I will have to rely on Stephen and others to weigh in
here.

There's another potentially bad way to handle this which is to leverage
the sp field on the skb. I don't know how James feels about it. James?

> I'm glad to see there is still discussion going on over on 
> the SELinux list
> involving the secid patches but I'm a little concerned that 
> there has not been
> any real discussion about how to handle flow control while 
> staying within the
> constraints outlined above?  Venkat, is this something that 
> has already been
> taken into account and will appear in the next patch set?

I can not guarantee that. I believe James' hesitation mainly
comes from the fact that there are people confused out there.

Once people are confused no more, they will have to take it
up with James (while watching out for you though :))
since James DID ack this approach once in the past and seems to
have since backed out mainly (from my POV) because of the prevailing
confusion coming mainly from you and Joshua.

> 
> I'm afraid that all we are doing is spending time and effort 
> discussing a patch
> set that has no chance of acceptance upstream and hence RHEL.

You can let Josh and others decide for themselves. Josh and Chris
should already know the above from the following exchange yesterday:

---
> 
> 
> I see that James responded on LSPP yesterday with same basic
> requirements that I'm trying to allude to here so I'll just wrap this
> up.. 

A natural result when people (sadly a couple or so) refuse to objectively
assess a design based on what it can accomplish. I have the satisfaction of
knowing though that I gave it my best shot.
---

More information about the redhat-lspp mailing list