Re: Problems with some of the current hooks

From: Stephen Smalley (sdsat_private)
Date: Mon Aug 06 2001 - 10:03:33 PDT

  • Next message: Stephen Smalley: "Re: Making forward progress"

    On Fri, 3 Aug 2001, Greg KH wrote:
    
    > Hm, inserting syscalls isn't the cleanest thing to do (let alone very
    > portable from what I have been told.)  I think we need to think about
    > this one some more.
    
    Ok, so what parts of capget and capset would you expect to migrate
    into the capability plug?  It seems like almost all of the 
    implementation of these two system calls needs to be moved,
    including the access control checking and the functional logic.
    This seems especially necessary if we move the capability bits into
    the security blobs.   I would think that each of these two system calls
    would be reduced to copying in parameters, calling a hook, and then 
    copying out parameters.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    
    
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Aug 06 2001 - 10:05:27 PDT