* Greg KH (gregat_private) wrote: > On Thu, Jun 07, 2001 at 02:00:57PM -0700, Chris Wright wrote: > > To date, the symbol is not exported to modules to obscure the location > > of the struct. This discourages (does not disable) direct manipulation > > of the struct (i.e. don't hack at it, and use register security for > > proper access to it), but also discourages module's from being able to > > use the struct. Thoughts? > > Do you have an example of where a module _has_ to have access to the > structure? If not, let's just wait until someone _really_ needs it. > That forces people to explain why they would want to do such a thing :) fs/binfmt_elf.c if (!bprm->sh_bang) { retval = security_ops->file_ops->permission (bprm->file, MAY_EXEC); Granted, Stephen Smalley has already highlighted this as a questionable check... but that's what made me think about this. -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 16:45:31 PDT