Re: Removing EXPORT_SYMBOL(security_ops) (was Re: Time to remove LSM)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2006-04-20 at 08:00 -0700, Greg KH wrote:
> I agree.  In looking over the code some more, I'm trying to figure out
> why we are exporting that variable at all.  Is it because of people
> wanting to stack security modules?
> 
> I see selinux code using it, but you are always built into the kernel,
> right?  So unexporting it would not be an issue to you.

Various in-tree modules (e.g. ext3) call security hooks via the static
inlines and end up referencing security_ops directly.  We'd have to wrap
all such hooks in the same manner as capable and permission.

Although I was actually talking about eliminating security_ops, not just
un-exporting it ;)

> Tony, would AppArmor have problems if we don't export that variable
> anymore?

-- 
Stephen Smalley
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux