On Fri, Aug 10, 2001 at 05:01:31PM -0700, richard offer wrote: > > I could have no way to determine if my policy is loaded. Seriously, I > don't. Audit is invisible, so is MAC. But your module isn't. Look in /proc/modules. Call query_module(2). Any number of different ways to do this. > I'm not going to go and create a pseudo file system just to let > applications know that my policy is loaded. That's bogus. You'd rather > increase the kernel size than pass one extra parameter? No, I'd rather not overload an existing clean interface (syscalls) with a new functionality that will take time (computer time with the extra parameter) and administrative time (with people forced to register their modules with some central authority.) And how much bloat is creating a single /proc entry to let your userspace programs know that your module is loaded? Come on, syscalls are not meant to do this. This shouldn't even be an argument. greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 17:17:56 PDT