ima: use of radix tree cache indexing == massive waste of memory?

[Pavel Machek]

Hi!

> > Especially as our merge requirements for security/ are a lot lower than
> > for the rest of the kernel given that James is very afraid of getting
> > whacked by Linux for not mering things.
> 
> I think historically you'll see that I'm not afraid of getting whacked by 
> Linus.
> 
> A procedure for merging security features has been adopted by consensus, 
> based on suggestions from Arjan, with the aim of preventing the literally 
> endless arguments which arise from security feature discussions.  It's 
> sometimes referred to as the Arjan protocol, essentially:
> 
>   If the feature correctly implements a well-defined security goal, meets 
>   user needs without incurring unreasonable overheads, passes technical 
>   review, and is supported by competent developers, then it is likely to 
>   be merged.
> 
> If you disagree with a specific feature, you need to step up while it's 
> being reviewed and make a case against it according to the above
> criteria.

Well, I'm arguing that the criteria are wrong. Duplicated crap is
creeping in (TOMOYO vs. AppArmor), and strange stuff that has no
legitimate use is in (IMA -- what is it good for? locking machines
down, iPhone style).

> If you disagree with the protocol, then you need to come up with a better 
> one, and probably implement it yourself, to the satisfaction of all 
> parties.

I do disagree, and I do not think 'satistfaction of all parties' is
reasonable goal. Rest of kernel has different rules, and IMO they are better.

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html