On Fri, Aug 10, 2001 at 02:57:47PM -0400, Stephen Smalley wrote: > > I'm not worried about stacking modules (currently). I just want my > modified applications to be able to test for the presence of the SELinux > module and to fall back on ordinary Unix behavior if it is not present. > In the original SELinux prototype, they just tried one of the new > syscalls (the one that just returns the current process SID) and > checked for ENOSYS. With LSM, the syscall is always present but > SELinux might not be, so I want a magic number/module id that I can use. > Naturally, I also need the dummy syscall function to always return > something like -ENOPKG. I'd recommend having the applications test for something else, instead of a syscall (that's a huge abuse of a syscall if I've ever seen one :) Like if selinuxfs is mounted, or a specific /proc entry is present or just looking at the current /proc/modules. Let's not try to invent a new way of determining if a module is loaded or not when there already are ways of doing so. thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 12:32:31 PDT