Crispin Cowan wrote:
>
> Karim Yaghmour wrote:
>
> > Bottom line is, there aren't 52 ways to skin a cat. Inserting hooks
> > is inserting hooks, whichever way you want to see it.
>
> How to insert a hook is not really at issue. How many, and which, hooks to
> insert is the question.
>
> LTT has much broader design goals than LSM. If LTT achieves its design goals,
> then by definition, it is not right as-is for LSM. It either needs to be cut
> down, or its pieces copied into the thing we do build.
As I suggested earlier, fine-grained hooking may be made possible at
compile time. Hence, LSM would require a sub-set of the "broad" LTT
hooks and the kernel would be compiled accordingly.
> > A question begs to be asked: "How small can hooking cost?". However
> > you may answer the question, you are certainly aware that there is
> > a minimal cost that will have to be paid to accomodate this functionnality.
>
> "This functionality" being the rub: fewer hooks -> lower overhead.
Certainly, but there is a likely possibility that you may need more
hooks. In any case, feel free to investigate whichever methods and
how many hooks you'd like and let me know if I can help.
Cheers,
Karim
===================================================
Karim Yaghmour
karymat_private
Embedded and Real-Time Linux Expert
===================================================
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Apr 16 2001 - 12:44:59 PDT