* Titus D. Winters (titusat_private) wrote: > Here is a patch against the current posted patch that contains the minimum > changes needed for the project Chris and I are working on. The changes > are generally filesystem related to check the hooks before finding out the > feasability of performing a filesystem operation, and return error values > as specified from the hook. Titus, I'd like to hold off on this patch as it stands. Often our hook placement is after the DAC logic precisely so that the security module knows that the DAC logic has already been satisfied, that way it doesn't need to repeat those checks. Casey and crew from SGI are putting together a proposal for auditing hooks. I'd like to see how their hooks may satifisfy your needs. If not, we can look at other alternatives (like Wagner proposed). -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jun 21 2001 - 09:51:25 PDT