History
At the 2001 Linux Kernel Summit, the NSA proposed that SELinux be included in Linux 2.5. Linus Torvalds rejected SELinux at that time, because he observed that there are many different security projects in development, and since they all differ, the security community has not yet formed consensus on the ultimate security model. Instead, Linus charged the security community to "make it a module".
In response, Crispin Cowan proposed LSM: an interface for the Linux kernel that provides sufficient "hooks" (upcalls) from within the Linux kernel to a loadable module so as to allow the module to enforce mandatory access controls. Development of LSM over the next two years was conducted by the LSM community, including substantial contributions from the Immunix Corporation, the NSA, McAfee, IBM, Silicon Graphics, and many independent contributors. LSM was ultimately accepted into the Linux kernel mainstream and was included as a standard part of Linux 2.6 in December 2003.
In 2006, some kernel developers observed that SELinux was the only widely used LSM module included in the mainstream Linux kernel source tree. If there is to be only one widely used LSM module, it was reasoned, then the indirection of LSM is unnecessary, and LSM should be removed and replaced with SELinux itself. However, there are other LSM modules maintained outside of the mainstream kernel tree (AppArmor, Linux Intrusion Detection System, FireFlier, CIPSO, Multi ADM, etc.), so this argument led to two results: 1. that developers of these modules started putting effort into upstreaming their respective modules, and 2. at the 2006 Kernel Summit, Linus once again asserted that LSM would stay because he does not want to arbitrate which is the best security model. LSM is likely to remain since an additional security module TOMOYO Linux was accepted in the mainline kernel version 2.6.30 (June 2009). With version 2.6.36, another security module (AppArmor) was accepted in the mainline kernel.
Read more about this topic: Linux Security Modules
Famous quotes containing the word history:
“I believe that in the history of art and of thought there has always been at every living moment of culture a “will to renewal.” This is not the prerogative of the last decade only. All history is nothing but a succession of “crises”Mof rupture, repudiation and resistance.... When there is no “crisis,” there is stagnation, petrification and death. All thought, all art is aggressive.”
—Eugène Ionesco (b. 1912)
“What you don’t understand is that it is possible to be an atheist, it is possible not to know if God exists or why He should, and yet to believe that man does not live in a state of nature but in history, and that history as we know it now began with Christ, it was founded by Him on the Gospels.”
—Boris Pasternak (1890–1960)
“History, as an entirety, could only exist in the eyes of an observer outside it and outside the world. History only exists, in the final analysis, for God.”
—Albert Camus (1913–1960)