On Thu, Jun 07, 2001 at 02:00:57PM -0700, Chris Wright wrote: > To date, the symbol is not exported to modules to obscure the location > of the struct. This discourages (does not disable) direct manipulation > of the struct (i.e. don't hack at it, and use register security for > proper access to it), but also discourages module's from being able to > use the struct. Thoughts? Do you have an example of where a module _has_ to have access to the structure? If not, let's just wait until someone _really_ needs it. That forces people to explain why they would want to do such a thing :) > Also, since vfs_permission() is exported, and can be called without > calls to permission() (like in fs/nfs/dir.c) should we add a security > hook to vfs_permission? Yes. greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 15:50:23 PDT