On Tue, May 22, 2001 at 04:11:15PM -0400, jmjonesat_private wrote: > My suggestion involves only a few lines in the current > patch, and certainly could be "erased" if a better idea > comes along, but the idea of stackable modules seems > VERY core, at this point, *to me*. I tend to agree with David here; we need to get a solid, stable implementation of several modules before complicating the system further. As for the idea of stacking modules (knowingly ignoring my own advice from only one paragraph away! :) -- consider the following: o How modules interact is actually a policy. Building into the kernel any pieces that require making stacking possible may go against the policy implemented by any module. o Stacking can be emulated through another module -- one that loads and calls the other modules in turn, according to its policy. I think we would be better off to re-evaluate the situation later. It could be that enough people want exactly this functionality that it should be implemented in the kernel. What I think is more likely is a more flexible generic multiplexor module (provided by the kernel) to handle probably two or three modules. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue May 22 2001 - 13:33:11 PDT