Here's an idea: Move the existing kernel permissions code into a module that allows for further restricting access by registering sub modules with it. If you do this, then anyone wanting to restrict posix behavior further (sounds like the majority) can easily do this by registering a submodule. Anyone who needs to be permissive, can either create their own base module or modify (fork) the existing kernel permission module. You could also, by macros, have a version of the current permissions module that could be compile-time configured to support submodules or not. Just an idea from a lurker, Tom -- Tom Daniels The floggings will continue until morale improves. -- unknown _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jun 01 2001 - 12:32:28 PDT