Re: Benchmarks (was Re: Hooking into Linux using the LTT)

• Previous message: David Wagner: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• In reply to: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Next in thread: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Next in thread: Chris Wright: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Reply: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Greg KH  wrote:
>Not hard, consider the following code:
>	lock_kernel();
>	security_ops = &dummy_security_ops;
>	unlock_kernel();

That looks great as an *implementation*, but let me suggest that this
code be hidden behind a register_hook() / unregister_hook() interface.
In particular, I think it would be a good idea to ensure that policy
modules don't go modify the security_ops structure theirselves, but
go through some API -- this way the implementation of what's behind
the API can change to accomodate, e.g., locking or loading multiple
poilcy modules.

What do you think?  Do you agree?

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: David Wagner: "Re: backward compat / access (was Re: Benchmarks)"
• Previous message: David Wagner: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• In reply to: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Next in thread: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Next in thread: Chris Wright: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Reply: Greg KH: "Re: Benchmarks (was Re: Hooking into Linux using the LTT)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 20 2001 - 18:40:50 PDT