Re: Time to remove LSM (was Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 24 Apr 2006 11:12:22 +0200, Arjan van de Ven said:

> So at minimum a debate about most the hooks is in order, as well as the
> mechanism; I'm increasingly getting convinced the 'security_ops' thing
> is misdesigned. I rather have a setup where the hooks at compiletime
> resolve to the function of the LSM you've chosen (be it SELinux or
> AppArmor) rather than the current solution. It's not like you
> realistically can or want to provide both SELinux and AppArmor with the
> same kernel anyway.. 

Doing so would require some redesign work for the current code that uses
the pointers to stack SELinux and capabilities.  Not a show-stopper by
any means, just an entry for the 'to-do' list if we go that route...

Attachment: pgp5s8iotFZaC.pgp
Description: PGP signature


[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux