Re: Possible system call interface for LSM

From: jmjonesat_private
Date: Fri Aug 10 2001 - 18:05:06 PDT


    On Fri, 10 Aug 2001, Greg KH wrote:
    
    > On Fri, Aug 10, 2001 at 05:01:31PM -0700, richard offer wrote:
    > > 
    > > I could have no way to determine if my policy is loaded. Seriously, I
    > > don't. Audit is invisible, so is MAC.
    > 
    > But your module isn't.  Look in /proc/modules.  Call query_module(2).
    > Any number of different ways to do this.
    > 
    > > I'm not going to go and create a pseudo file system just to let
    > > applications know that my policy is loaded. That's bogus. You'd rather
    > > increase the kernel size than pass one extra parameter?
    > 
    > No, I'd rather not overload an existing clean interface (syscalls) with
    > a new functionality that will take time (computer time with the extra
    > parameter) and administrative time (with people forced to register their
    > modules with some central authority.)
    > 
    > And how much bloat is creating a single /proc entry to let your
    > userspace programs know that your module is loaded?
    > 
    > Come on, syscalls are not meant to do this.  This shouldn't even be an
    > argument.
    > 
    > greg k-h
    
    
    Welllllllll.... I've dealt with many systems that use syscalls for this,
    but it's not immediately obvious to me why this is necessary under Linux.
    The "think" seems to be different in Linux.  The argument is valid, but 
    I don't see it as being "a near thing."
    
    J. Melvin Jones
    
    |>------------------------------------------------------
    ||  J. MELVIN JONES            jmjonesat_private 
    |>------------------------------------------------------
    ||  Microcomputer Systems Consultant  
    ||  Software Developer
    ||  Web Site Design, Hosting, and Administration
    ||  Network and Systems Administration
    |>------------------------------------------------------
    ||  http://www.jmjones.com/
    |>------------------------------------------------------
    
    
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    


