Re: Audit patch split into 5 parts

From: richard offer (offerat_private)
Date: Wed Jul 25 2001 - 11:21:50 PDT


    * frm gregat_private "07/25/01 07:46:18 -0700" | sed '1,$s/^/* /'
    *
    * Real quick response, I'm at OLS this week, so email will be infrequent.
    * 
    * Thanks for splitting up the patches, it helps a lot.
    * 
    * On Tue, Jul 24, 2001 at 04:01:24PM -0700, richard offer wrote:
    *> sgi-1-add-fds
    *> =============
    *> 
    *> Add an fd to the file_ops prototypes. 
    *> 
    * 
    * Bleah.  Personally I still do not want fds in the lsm patch for phase 1.
    * I'm still not convinced that anyone except audit needs this.  Even so,
    * that LSM_NOFD_AVAILABLE macro is hideous and isn't the answer for your
    * problem for if you don't have a fd at the time.
    
    What would you recommend? Given that we are going to pass an fd parameter,
    how would you fix it for those places that don't have it immediately
    available?
    
    * 
    *> sgi-2-post-hooks
    *> ================
    *> 
    *> Add an error code to the post_* hooks (change the prototypes). Always
    *> call the post_* hooks even if there isn't an error.
    * 
    * Does anyone except audit need this?
    
    I can't recall anyone else complaining that it shouldn't be done, previous
    comments from Stephen and Chris indicated that it made sense.
    
    * 
    *> sgi-3-misc
    *> ==========
    *> 
    *> Other changes that didn't fit into any of the above, change the prototype
    *> of ptrace/setnice/setcapability to include more information.
    * 
    * Doesn't apply cleanly if the other patches are not applied.  
    
    I'll try and fix it when I merge up to 2.4.7, but generating something that
    applies cleanly to both vanilla lsm and including the first two patches
    may be impossible, in which case my interest is getting something that works
    with the first two patches. If you don't take the first two I don't care
    that you're taking the 3rd, it doesn't help our project.
    
    The first three are our immediate requirements, the fourth is to start
    discussion for how to handle two mutually exclusive policy requirements
    (SubDomain / B1), the fifth is to continue the ongoing discussions
    regarding inode vs names.
    
    As I see it the fourth is the interesting one, how are we going to handle
    two conflicting requirements?
    
    * 
    * So in short, nothing applied.
    
    I didn't expect anything else. I'll get it up to 2.4.7 asap.
    
    * 
    * thanks,
    * 
    * greg k-h
    * 
    
    richard.
    
    -----------------------------------------------------------------------
    Richard Offer                     Technical Lead, Trust Technology, SGI
    "Specialization is for insects"
    _______________________________________________________________________
    
    