108

Torvalds On Linux Security Modules: "I Already Think We Have Too Many Of Those Pointless Things" (www.phoronix.com)

submitted 4 days ago by cm0002@literature.cafe to c/linux@programming.dev

15 comments fedilink hide all child comments

Stemming from a security researcher and his team proposing a new Linux Security Module (LSM) three years ago and it not being accepted to the mainline kernel, he raised issue over the lack of review/action to Linus Torvalds and the mailing lists. In particular, seeking more guidance for how new LSMs should be introduced and raised the possibility of taking the issue to the Linux Foundation Technical Advisory Board (TAB).

This mailing list post today laid out that a proposed TSEM LSM for a framework for generic security modeling was proposed but saw little review activity in the past three years or specific guidance on getting that LSM accepted to the Linux kernel. Thus seeking documented guidance on new Linux Security Module submissions for how they should be optimally introduced otherwise the developers are "prepared to pursue this through the [Technical Advisory Board] if necessary."

you are viewing a single comment's thread
view the rest of the comments

[+] rmt@programming.dev -14 points 3 days ago* (last edited 1 day ago)

If the lowest paid intern gets to use AI, then it will probably help them configure it properly.. the docs generally aren't bad (of the ones I've seen/used), but they're not newbie/intern level docs.

edit: That's a lot of downvotes for suggesting AI is useful at a primarily language/grammatical problem (ie. helping to crafting security/sandbox policy DSLs from terse docs and examples)? I detect some gut-reaction insecurities in these parts. 🙃

[-] bitcrafter@programming.dev 16 points 3 days ago

I barely trust natural intelligence with anything relating to security.

[-] rmt@programming.dev -4 points 3 days ago

"Trust but verify" ... which just means doing due diligence as a professional, whether the crap^H^H^H^Hquality code and documentation is written by a human or AI.

Humans are incredibly good at saying dumb shit while making it seem like it could be the right thing, but LLMs are arguably better at it.

And you, and I, and everyone here, will fall for it... not always, but too often. We are all lazy thinkers by nature.

[-] MNByChoice@midwest.social 1 points 3 days ago

Perhaps.

Of course, the creators of the security modules could build tools to help them be used better. Maybe not on first release, but at least after other complain about the difficulty. AppArmor did attempt some tools, and is far better than SELinux. Still not great.

this post was submitted on 15 Dec 2025

108 points (100.0% liked)

Linux

10655 readers

450 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago

MODERATORS

Ategon@programming.dev

anzo@programming.dev

dwraf_of_ignorance@programming.dev