On Mon, 23 Apr 2001 18:54:38 BST, dawat_private (David Wagner) said:
> My initial reaction is that, whatever you decide, LSM's should not be
> required to use this facility. If you want to build a LSM that requires
> this facility, I don't mind, but when I build the Janus-like LSM, I think
> I'd prefer not to be forced to mess with this. Whether or not to return
> more detailed error messages looks an awful lot like policy, doesn't it?

Well, I didn't say anything about what was in there, except maybe a cookie
identifying the LSM. Perhaps a flag field would be needed as well,

    #define SEC_NO_INFO       0x01
    #define SEC_PARTIAL_INFO  0x02
    #define SEC_DETAILED_INFO 0x04

    struct sec_error_return {
        int LSM_ID_Cookie;
        int LSM_detail_flag;
        union {
            /* intentionally unspecified, defined by LSM if it wants */
        };
    };

or similar. A given LSM would be required to fill in the cookie, and set
the flag, and then be free to pass back whatever info it wanted to. So if
a LSM wanted to be terse, it would just set errno, set SEC_NO_INFO, and go
home.

How do you feel about that?

--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
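
The cookie-and-flag convention sketched in this message, as an added example (not code from the post or from the LSM project): two hypothetical modules fill in `struct sec_error_return`, and a consumer checks both the flag and the cookie before it reads the module-defined union. The cookie values, the `verbose` union member and all function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#define SEC_NO_INFO       0x01
#define SEC_PARTIAL_INFO  0x02
#define SEC_DETAILED_INFO 0x04
#define TERSE_LSM_ID   0x1001   /* constructed cookie values, not real IDs */
#define VERBOSE_LSM_ID 0x1002

struct sec_error_return {
    int LSM_ID_Cookie;
    int LSM_detail_flag;
    union {                     /* layout belongs to the LSM named by the cookie */
        struct { int hook; char reason[32]; } verbose;   /* hypothetical */
    } u;
};

/* Terse module: an errno value and SEC_NO_INFO, nothing else. */
static int terse_deny(struct sec_error_return *r) {
    memset(r, 0, sizeof(*r));   /* never hand back stale bytes in the union */
    r->LSM_ID_Cookie = TERSE_LSM_ID;
    r->LSM_detail_flag = SEC_NO_INFO;
    return -EPERM;
}

/* Verbose module: same header fields plus its own detail record. */
static int verbose_deny(struct sec_error_return *r, int hook, const char *why) {
    memset(r, 0, sizeof(*r));
    r->LSM_ID_Cookie = VERBOSE_LSM_ID;
    r->LSM_detail_flag = SEC_DETAILED_INFO;
    r->u.verbose.hook = hook;
    snprintf(r->u.verbose.reason, sizeof(r->u.verbose.reason), "%s", why);
    return -EACCES;
}

/* Consumer: the union is read only when flag and cookie both vouch for it. */
static const char *sec_reason(const struct sec_error_return *r) {
    if (r->LSM_detail_flag != SEC_DETAILED_INFO) return NULL;
    if (r->LSM_ID_Cookie != VERBOSE_LSM_ID) return NULL;
    return r->u.verbose.reason;
}

int main(void) {
    struct sec_error_return r;
    int rc = terse_deny(&r);
    printf("terse:   rc=%d reason=%s\n", rc, sec_reason(&r) ? sec_reason(&r) : "-");
    rc = verbose_deny(&r, 7, "policy denies open");
    printf("verbose: rc=%d reason=%s\n", rc, sec_reason(&r) ? sec_reason(&r) : "-");
    return 0;
}
```

A consumer that skipped the cookie check would interpret one module's union bytes using another module's layout, which is why the header fields are mandatory even for a terse module.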
This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 12:06:09 PDT