On Thu, 22 Jun 2017, Casey Schaufler wrote:

The combination of SELinux, Smack, AppArmor and/or TOMOYO is not
the goal so much as the test case. MAC was the coolest possible
technology in 1990. We've implemented it. I don't see anyone doing
a new MAC implementation. I *do* see security modules that implement
other security models in the pipeline. Some of these need to maintain
state, which means using security blobs in the LSM architecture.
Some of these models will want to use secmarks to implement socket
based controls.

Where are these LSMs and where are the discussions about their LSM API 
needs? 

-- 
James Morris
[off-list ref]

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html