[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LSM-based systems and debian packages


well, if this mail seems to be silly for persons with good knowledge
of LSM-based systems, I'm sorry. But I can't give me the answers
myself, so I'm asking here.

The last time (and especially the last days) have IMHO shown that it
would be good for any Linux machine to run with more security than the
historic root and users-concept (with a few exceptions of course). So,
as a package maintainer I want to support this as good as I can. As
LSM will be part of Linux 2.6, it would IMHO be wise to base support
on LSM. But I have little to no knowledge of the implementation of
these systems (but have heard about the base theory for such things).
So, my question is:

Is it possible for me as a package maintainer to specifiy the needed
rights for "my" programms in a way that as much systems as possible
can use these without the need for a sysadmin to change anything? Or
would each LSM-based system need it's own configuration? And if so,
which should be supported by a package, and how?

What I would even like more is a HOWTO "What a debian package
maintainer should do to support LSM-based security-systems properly"
(and this should become part of the Developers Reference). I'm willing
to create a template of such a HOWTO in parallel to adding support to
LSM to my packages, if I can; and this would mean that someone with
knowledge would be willing to guide me, and answer my (partly very
unknowing) questions about a lot of more or less simple things.

   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to: