On Thu, Aug 23, 2001 at 02:19:33PM -0400, Chris Vance wrote: > > Attached is a patch that contains an updated syscall hook (same as > Stephen's last patch, but uses unsigned ints) and adds two new hooks for > unix sockets. > > As mentioned earlier > http://mail.wirex.com/pipermail/linux-security-module/2001-August/001665.html > We needed to insert hooks directly into the af_unix code so that we can > control sockets using the abstract name space. > > I've added one hook to control the ability to establish stream connections > and another hook (in two locations) to control datagrams. > > If nobody objects, Stephen can commit these changes tomorrow. Looks good. I applied Stephen's slimmed down patch for this, but I changed the placement of the hook a bit (other side of the comment for the unix_stream_connect call made more sense.) I also lined up the formatting of the capabilities_plug code a bit nicer. thanks for the patch, and congrats to you all on the latest SELinux release. It looks very nice and shows off the lsm patch very well. greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Aug 23 2001 - 23:20:52 PDT