Re: [patch 0/15] lsm stacking v0.3: intro

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Quoting Tony Jones ([email protected]):
> OK. As long as you are aware of it, which it sounds like you are.
> 
> Serge, I think it should be documented as a known issue.

Ok.

> > Clearly this is limiting, but then so is the one line per process you
> > get with ps - "fixing" that is obviously not acceptable.  Is there
> 
> Nothing jumps out at me.
> 
> > Is there any example where the current
> > behavior is actually a problem - two modules which it makes sense to
> > stack, which both need to give output under ps?
> 
> I don't know.  Isn't this the big negative against stacker, controlling
> the composition?  pstools has clearly cast it's vote :-)

Well, pstools combined with existing userspace tools.  I think the
older version of stacker outputed comma-delimited output for each
module.  But that requires changes in the selinux userspace tools for
things to work at all.  That doesn't mean it's not the better way to
solve the problem.  So for instance we could output

staff_u:staff_r:serge_t(selinux),jail3(bsdjail)

-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux