Quoting Alexey Dobriyan ([email protected]):
> [BSD security levels are deleted in -mm, assuming this below]
>
> The only user of i_security, f_security, s_security fields is SELinux,
> so ifdef them with CONFIG_SECURITY_SELINUX. Following Stephen Smalley's
The SLIM security module, which is trying to get upstream, uses at least
i_security and f_security.
The Argus module supposedly being submitted "soon" which is used in
their LSPP product, surely must use them all.
Maybe you still want to make these CONFIG_SECURITY_SELINUX until the
other modules are upstreamed, but I just wanted to make sure you knew
other modules, trying to get upstream, are using them.
Personally I'd say these are a core part of the LSM framework, and if
you don't want LSM, compile it out. But since I realize that using only
capabilities must be a pretty common case, how about just adding a
config option CONFIG_SECURITY_OBJFIELDS, which is auto-enabled with
SELINUX and default off, which hides these fields instead?
Patch should be trivial, and I can aim to send one tomorrow.
-serge
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
