On Thu, Apr 13, 2023 at 12:03 PM Jonathan Corbet <corbet@xxxxxxx> wrote: > > Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> writes: > > > Why do you prefer such > > an approach instead of going with no extra permissions by default, but > > allowing custom LSM policy to grant few exceptions for known and > > trusted use cases? > > Should you be curious, you can find some of the history of the "no > authoritative hooks" policy at: > > https://lwn.net/2001/1108/kernel.php3 > > It was fairly heatedly discussed at the time. > Thanks, Jonathan! Yes, it was very useful to get a bit of context. > jon
