So, has anyone looked at the authoritative hooks patch yet? This patch was also triggered by the discussion at the Usenix Security BOF (http://mail.wirex.com/pipermail/linux-security-module/2001-August/001663.html). Crispin described a solution that he believed would satisfy SGI after talking with Richard, and seemed willing to accept that solution (See the notes). I advised caution without more precise knowledge of exactly what that solution would entail. So I agreed to resurrect my old authoritative hooks patch, update it to the current snapshot of the LSM patch, and post it for consideration by all parties. From SGI, we need to know how well this patch would meet their needs, and what other changes would be necessary (with an example patch showing exactly what they mean for some non-trivial case). From WireX and Greg K-H, we need to know whether even this patch acceptable, and, if not, is there some subset of this patch that would be acceptable? The patch should apply cleanly relative to the lsm-2001_08_16 patch. Since I finally committed the capget/capset hooks, it definitely won't work anymore on the head of the BitKeeper tree, although it wouldn't be hard to update it. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Aug 22 2001 - 06:39:47 PDT