Re: sys_setpriority error

From: David Wagner (dawat_private)
Date: Thu May 31 2001 - 10:41:13 PDT

  • Next message: Chris Wright: "Re: sys_setpriority error"

    Titus D. Winters wrote:
    >How about this:
    >
    >no_nice = security_ops->task_ops->setnice(p, niceval);
    >if (p->uid != current->euid &&
    >        p->uid != current->uid && no_nice) {
    >
    >can become
    >
    >no_nice = security_ops->task_ops->setnice(p, niceval);
    >if (no_nice) {
    
    One disadvantage is that then each module writer has to cut-and-paste
    the old code into his module if he wants to stick with the base logic
    (and we can expect this to be common).  Moreover, if for any reason the
    linux kernel developers ever need to change the base logic (e.g., someone
    found a bug), they'd then need to change the code in every LSM, which
    is probably impossible in practice.
    
    I'm not suggesting we abandon this proposal from consideration, but we
    should be aware of the significant costs of this approach.
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu May 31 2001 - 10:43:29 PDT