Criticism
Some Linux kernel developers dislike LSM for a variety of reasons. LSM strives to impose the least overhead possible, especially in the case where no module is loaded, but this cost is not zero, and some Linux developers object to that cost. LSM is designed to provide only for access control, but does not actually prevent people from using LSM for other reasons, and so some Linux kernel developers dislike that it can be "abused" by being used for other purposes, especially if the purpose is to bypass the Linux kernel's GPL license with a proprietary module to extend Linux kernel functionality.
Some security developers also dislike LSM. The author of grsecurity dislikes LSM because of its history, and that because LSM exports all of its symbols it facilitates the insertion of malicious modules (rootkits) as well as security modules. The author of RSBAC dislikes LSM because it is incomplete with respect to the needs of RSBAC. In particular, the author of RSBAC argues that: "LSM is only about additional, restrictive access control. However, the RSBAC system provides a lot of additional functionality, e.g. symlink redirection, secure_delete, partial Linux DAC disabling. All this has to be patched into kernel functions in a separate patch.". The author of Dazuko argues that targeting the LSM API is a moving target, as it changes with each kernel release, leading to extra maintenance work. Other developers would like to have LSM modules stacked, e.g. the developer of the Yama LSM.
Read more about this topic: Linux Security Modules
Famous quotes containing the word criticism:
“People try so hard to believe in leaders now, pitifully hard. But we no sooner get a popular reformer or politician or soldier or writer or philosopher—a Roosevelt, a Tolstoy, a Wood, a Shaw, a Nietzsche, than the cross-currents of criticism wash him away. My Lord, no man can stand prominence these days. It’s the surest path to obscurity. People get sick of hearing the same name over and over.”
—F. Scott Fitzgerald (1896–1940)
“When you overpay small people you frighten them. They know that their merits or activities entitle them to no such sums as they are receiving. As a result their boss soars out of economic into magic significance. He becomes a source of blessings rather than wages. Criticism is sacrilege, doubt is heresy.”
—Ben Hecht (1893–1964)
“I am opposed to writing about the private lives of living authors and psychoanalyzing them while they are alive. Criticism is getting all mixed up with a combination of the Junior F.B.I.- men, discards from Freud and Jung and a sort of Columnist peep- hole and missing laundry list school.... Every young English professor sees gold in them dirty sheets now. Imagine what they can do with the soiled sheets of four legal beds by the same writer and you can see why their tongues are slavering.”
—Ernest Hemingway (1899–1961)