On Fri, 3 Aug 2001, Greg KH wrote: > Hm, inserting syscalls isn't the cleanest thing to do (let alone very > portable from what I have been told.) I think we need to think about > this one some more. Ok, so what parts of capget and capset would you expect to migrate into the capability plug? It seems like almost all of the implementation of these two system calls needs to be moved, including the access control checking and the functional logic. This seems especially necessary if we move the capability bits into the security blobs. I would think that each of these two system calls would be reduced to copying in parameters, calling a hook, and then copying out parameters. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 10:05:27 PDT