Re: Possible system call interface for LSM

• Previous message: James Morris: "RE: Support for IPSOs"
• In reply to: Valdis.Kletnieksat_private: "Re: Possible system call interface for LSM"
• Next in thread: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: Lachlan McIlroy: "RE: Possible system call interface for LSM"
• Reply: Crispin Cowan: "Re: Possible system call interface for LSM"
• Reply: Stephen Smalley: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>David Wagner wrote:
>> Here's a crazy thought.  What if we used operations on a /proc fd
>> instead of a dedicated syscall?
>
>This works for symlinks, but you end up with likely file descriptor aliasing
>screws if you try to use it for open()/read()/write() etc....

Yes, you're absolutely right.  Would the folks who want syscalls
be willing to post what functionality they expect to require, so
we can get some idea of which solutions will and won't work?

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Crispin Cowan: "Re: Possible system call interface for LSM"
• Previous message: James Morris: "RE: Support for IPSOs"
• In reply to: Valdis.Kletnieksat_private: "Re: Possible system call interface for LSM"
• Next in thread: Crispin Cowan: "Re: Possible system call interface for LSM"
• Next in thread: Lachlan McIlroy: "RE: Possible system call interface for LSM"
• Reply: Crispin Cowan: "Re: Possible system call interface for LSM"
• Reply: Stephen Smalley: "Re: Possible system call interface for LSM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Aug 09 2001 - 21:28:32 PDT