[PATCH bpf-next 0/8] New BPF map and BTF security LSM hooks

Andrii Nakryiko andrii.nakryiko at gmail.com
Mon Apr 17 23:28:41 UTC 2023


On Thu, Apr 13, 2023 at 12:03 PM Jonathan Corbet <corbet at lwn.net> wrote:
>
> Andrii Nakryiko <andrii.nakryiko at gmail.com> writes:
>
> > Why do you prefer such
> > an approach instead of going with no extra permissions by default, but
> > allowing custom LSM policy to grant few exceptions for known and
> > trusted use cases?
>
> Should you be curious, you can find some of the history of the "no
> authoritative hooks" policy at:
>
>   https://lwn.net/2001/1108/kernel.php3
>
> It was fairly heatedly discussed at the time.
>

Thanks, Jonathan! Yes, it was very useful to get a bit of context.


> jon



More information about the Linux-security-module-archive mailing list