On Sat, 11 Aug 2001, James Morris wrote:

> So, we start to end up with numerous hooks at the network, device and
> hardware layers. And this is just for ioctls.
>
> Interfaces (and many other things) can also be configured via rtnetlink
> messages, so we'd also need to add more hooks here to prevent users
> bypassing the same policies.

Ok, so your original suggestion sounds good - drop netdev_ops->ioctl and
just use capable. Of course, this leaves netdev_ops->unregister looking
lonely. We would still like it though to deallocate the netdev security
blob.

> netdev_ops->setattr(dev);
> netdev_ops->getattr(dev);
>
> The latter seemed to work ok technically for the prototype (except for
> rtnetlink broadcasts), but was becoming ugly in terms of the number of
> hooks in the kernel.

This would have been nice, but I guess it isn't feasible for now. The
setattr hook is the most important one, but also the most problematic.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 11:40:41 PDT