On Thu, 5 Jul 2001, Stephen Smalley wrote: > But let's not go too far on this debate. As I've previously stated, > you can support pathname-based modules without needing to reconstruct > absolute pathnames on each lookup or file creation operation. In fact, > that should be preferable to you from a performance perspective. So > the hooks end up being the same anyway. Only one question: what if you WANT to reconstruct pathname data... not just absolute, but also what was originally specified. Is that possible with strictly inode-based protections, and, if not, is there a SIMPLE way to add it to the LSM model without getting into "mixed models"? If it can be done, I think everybody is on the same page. I ask only because it seems to be an "issue" of some minor sort. There is the issue of "imposing a model" on the module. J. Melvin Jones |>------------------------------------------------------ || J. MELVIN JONES jmjonesat_private |>------------------------------------------------------ || Microcomputer Systems Consultant || Software Developer || Web Site Design, Hosting, and Administration || Network and Systems Administration |>------------------------------------------------------ || http://www.jmjones.com/ |>------------------------------------------------------ _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 05 2001 - 14:08:20 PDT