Re: Benchmarks (was Re: Hooking into Linux using the LTT)

From: David Wagner (dawat_private)
Date: Fri Apr 20 2001 - 18:36:32 PDT

  • Next message: David Wagner: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"

    Flavien Lebarbe  wrote:
    >*) About loading several modules : What about
    >this : We have a list of loaded modules (told to not
    >register by insmod argument), and a super-module can 
    >load itself, register itself in the hooktable, 
    >and ask other modules for checking, adding its own 
    >logic (like "all modules must accept", or, "one is 
    >enough", or "ask only module A for network stuff",
    >whatever.).
    
    I think the idea proposed by the wirex folks
    was that this you would be free to write a "loadable policy
    module" that works this way, but it would not be part of
    the infrastructure that's part of the Linux kernel.
    How would you feel about this?
    
    >*) What about unloading a LSM ?
    
    The obvious solution is a register() and unregister()
    function that grabs an appropriate lock.  Is there any
    reason this can't work?
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Fri Apr 20 2001 - 18:38:55 PDT