> -----Original Message----- > From: linux-security-module-adminat_private > [mailto:linux-security-module-adminat_private]On Behalf Of > Chris Wright > Sent: Wednesday, August 01, 2001 3:37 AM > To: linux-security-moduleat_private > Subject: Re: FW: Hooks for MAC (updated) > > > * Lachlan McIlroy (lachlanat_private) wrote: > > > -----Original Message----- > > > From: linux-security-module-adminat_private > > > [mailto:linux-security-module-adminat_private]On Behalf Of > > > Chris Wright > > > Sent: Tuesday, July 31, 2001 12:41 PM > > > To: linux-security-moduleat_private > > > Subject: Re: FW: Hooks for MAC (updated) > > > > > > > > > * Lachlan McIlroy (lachlanat_private) wrote: > > > > > > > > This patch incorporates the comments from Chris Wright. > > > > > > actually, i don't think it does. i still see the pid in the > > > interface. > > > > Oops, my mistake. I forwarded my original post to avoid > > having to describe the patch again but forgot to swap > > the attached old patch with the updated one. I've now > > attached the updated patch. > > This looks good. You still have the /proc issue, how do you intend > to protect the session id there? We intend to provide extended attributes on the files in /proc so that they will be protected by MAC labels. This will probably require changes to the vfs interface and adding routines for getting/setting extended attributes in the procfs. > > -chris > > _______________________________________________ > linux-security-module mailing list > linux-security-moduleat_private > http://mail.wirex.com/mailman/listinfo/linux-security-module > --- Lachlan McIlroy Phone: +61 3 9596 4155 Trusted Linux Fax: +61 3 9596 2960 Adacel Technologies Ltd www.adacel.com _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Jul 31 2001 - 20:08:26 PDT