* Chris Wright (chrisat_private) wrote: > * James Morris (jmorrisat_private) wrote: > > Finally, the updated skb hooks, attached below. > > > > Note that the 'security' field in the skb header is no longer in use by > > the main kernel, and one of the networking maintainers has indicated that > > we may be able to claim it's namespace for 2.6. > > with just alloc, free, copy and clone, i don't fully understand how you > aniticipate using the sk_buff security label. e.g. one of the problems > i had was the device info is not necessarily accurate in higher level tcp > functions, and if i had my way i would have labelled the device the > packet arrived on. how would you do this? uuhh...nevermind, i was thinking with the wrong brain (referring to the device crap i was spewing above -- that was all about syn's and the sock struct having a cached route to the client, not the real dev the syn came through). but i am still curiious how you would expect to use the allocated opaque security label? -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Jul 25 2001 - 18:41:59 PDT