On Mon, 24 Apr 2006 11:12:22 +0200, Arjan van de Ven said: > So at minimum a debate about most the hooks is in order, as well as the > mechanism; I'm increasingly getting convinced the 'security_ops' thing > is misdesigned. I rather have a setup where the hooks at compiletime > resolve to the function of the LSM you've chosen (be it SELinux or > AppArmor) rather than the current solution. It's not like you > realistically can or want to provide both SELinux and AppArmor with the > same kernel anyway.. Doing so would require some redesign work for the current code that uses the pointers to stack SELinux and capabilities. Not a show-stopper by any means, just an entry for the 'to-do' list if we go that route...
Attachment:
pgp5s8iotFZaC.pgp
Description: PGP signature
- References:
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Greg KH <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Alan Cox <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: [email protected]
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Crispin Cowan <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Pavel Machek <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Crispin Cowan <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: [email protected]
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Thomas Bleher <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Lars Marowsky-Bree <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Arjan van de Ven <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Lars Marowsky-Bree <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- From: Arjan van de Ven <[email protected]>
- Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Prev by Date: Re: Linux 2.6.17-rc2 - notifier chain problem?
- Next by Date: Re: C++ pushback
- Previous by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Next by thread: Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)
- Index(es):
 |