[PATCH 00/58] LSM: Module stacking for AppArmor
Casey Schaufler
casey at schaufler-ca.com
Tue Jun 4 21:19:11 UTC 2019
On 6/4/2019 1:42 PM, James Morris wrote:
> On Tue, 4 Jun 2019, Casey Schaufler wrote:
>
>>> It isn't free so there should be a cost/benefit analysis.
>> Some benchmarking is definitely in order, but most
>> of what's you're calling out as downside is hypothetical
>> or based on assumption.
> When you're proposing changes such as these, which make fundamental and
> far-reaching changes, the burden is on you to present the cost/benefit
> analysis.
Granted. There has been substantial conversation about it
over the years, but I have not done well including it in
this discussion.
> You can't just say "Here are some changes and here are the benefits, and
> any possible costs are merely hypothetical".
Of course. Nonetheless, no evidence for performance impact has
been provided, while it has been asserted.
More information about the Linux-security-module-archive
mailing list