On Mon, 23 Apr 2001 23:44:46 BST, dawat_private (David Wagner) said: > 1. lsm_perror is inherently thread-unsafe (in contrast to perror). Why? sed 's/perror/lsm_perror/g' < perror.c > lsm_perror.c and tell me what's thread-unsafe there? Notice I said *NOTHING* about how lsm_perror.c should be implemented, and in fact, I've given *several* alternative implementations, from a null return as listed below, to a highly complicated IPC-based scheme, to something that workse the same way as perror.c (and should therefor be as thread-safe). > 2. I don't want to be forced to support lsm_perror in my module. > I'd prefer to ignore it's existence, and I don't really want it > cluttering my policy code. char * lsm_perror(int *goaway) { return "Permission Denied."; } Was that *so* hard? > Therefore, I propose that this be left up to individual modules to > provide, or at least, that policy modules be free to do nothing whatsoever > to support lsm_perror. Umm.. I believe I said *several* times that was what I intended - perhaps with a restriction that if you intend to do "nothing whatsoever", you provide a stub like the one-liner above so programs can still link against it. /Valdis _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Apr 23 2001 - 19:16:53 PDT