Re: Sample SELinux hook function implementations

From: Greg KH (gregat_private)
Date: Wed May 09 2001 - 09:31:38 PDT

  • Next message: Chris Wright: "Re: Sample SELinux hook function implementations"

    On Wed, May 09, 2001 at 10:38:33AM -0400, Stephen Smalley wrote:
    > I would suggest a further revision to the alloc_security routines.
    > Since a pointer to the full structure is passed to the routine,
    > let the routine set the security field itself if it desires and
    > have it merely return an integer status to indicate error conditions.
    > That allows a security module to choose not to use the security field
    > at all for some structures (e.g. not all modules may care about the
    > struct super_block security field or the struct file security field),
    > and it allows the module to use the field arbitrarily (e.g. using
    > the void* to store an integer rather than a pointer).
    That makes more sense, I'll make that change right now.
    greg k-h
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed May 09 2001 - 09:37:31 PDT