On Sun, Aug 12, 2001 at 04:54:49AM +0000, David Wagner wrote:
> But the point is that we need a uniform standard to reliably
> rule out ambiguous parses. For instance, we need all modules
> to agree that the first arg carries a token identifying the
> intended module. If different modules have different identification
> protocols, there is no guarantee that such a type-confusion attack
> cannot occur.

No we don't need any such "uniform standard". You need a standard for
_your_ user applications to determine if _your_ security module is
currently loaded. And since you wrote both of them, and control both of
them, you're set.

SELinux apps don't care if a Janus kernel module is loaded, with the
exception that it needs to be able to determine if the SELinux module is
loaded or not. That's all.

And it is _very_ easy to prevent your module from being unloaded if you
currently have a user application that is expecting it to be around
still running. Think automatic module use increments when files are
opened and closed. Works very nicely, and you don't have to put any
extra logic in your module.

thanks,

greg k-h

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Aug 13 2001 - 15:34:35 PDT
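
A user-space view of the check discussed in the message above, as an added example that is not part of the original mail or of any project's code: it looks one module up in /proc/modules-format text and reports whether it is live and what its use count is. The module names and the sample text are constructed, and the field layout assumed is the one current kernels print (name, size, refcount, used-by, state, address).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample in /proc/modules layout:
 * name size refcount used-by state address */
static const char SAMPLE[] =
    "demo_lsm_extra 16384 0 - Live 0xffffffffc0a10000\n"
    "demo_lsm 20480 2 - Live 0xffffffffc0a20000\n"
    "old_mod 12288 0 - Unloading 0xffffffffc0a30000\n"
    "fixed_mod 12288 - - Live 0xffffffffc0a40000\n";

struct mod_status {
    int live;        /* 1 if listed and in state "Live" */
    long use_count;  /* reference count, -1 if absent or not reported */
};

static struct mod_status module_status(const char *text, const char *name)
{
    struct mod_status st = { 0, -1 };
    const char *line = text;

    while (line && *line) {
        char mod[64], ref[24], state[16];
        /* size (field 2) and used-by (field 4) are skipped */
        if (sscanf(line, "%63s %*s %23s %*s %15s", mod, ref, state) == 3 &&
            strcmp(mod, name) == 0) {   /* exact match, not prefix */
            st.live = strcmp(state, "Live") == 0;
            /* "-" is printed when the kernel cannot unload modules */
            if (strcmp(ref, "-") != 0)
                st.use_count = strtol(ref, NULL, 10);
            return st;
        }
        line = strchr(line, '\n');
        if (line)
            line++;
    }
    return st;
}

int main(void)
{
    struct mod_status st = module_status(SAMPLE, "demo_lsm");
    printf("demo_lsm live=%d use_count=%ld\n", st.live, st.use_count);
    return 0;
}
```

A use count above zero on the hypothetical demo_lsm line is what makes an unload attempt fail while an application still holds one of the module's files open.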