Re: Initial snapshot release of the LSM-based SELinux prototype

From: richard offer (offerat_private)
Date: Fri Aug 24 2001 - 20:29:15 PDT


    * frm sdsat_private "08/24/01 08:41:06 -0400" | sed '1,$s/^/* /'
    *
    * 
    * As Greg K-H has already noticed, a snapshot of the LSM-based SELinux
    * prototype has been released on the NSA web site 
    * (http://www.nsa.gov/selinux).  The snapshot was generated on 8/22,
    * so it lacks a few of the most recent changes.  Enjoy.
    
    With your use of *_precondition() do you think it might be worthwhile
    generalising this into various hooks? It seems something that any policy
    that needs to store its own data would find useful?
    
    If we only rely on task_alloc() to set up the blob, won't that mean that we
    can't add any security blobs to processes that are already running at
    module load time (or we can, but each person is going to have to re-invent
    the wheel)?
    
        /* Typically, a task's attributes are initially assigned
           by task_alloc_security and changed upon program execution
           by bprm_compute_creds.  So task_precondition should
           only determine a task's attributes if the task
           was created prior to the initialization of this module.
           Show all such assignments until we are sure that they
           occur correctly both in the static case and the dynamically
           loaded case. */
    
    
    
    
    * Stephen D. Smalley, NAI Labs
    
    richard.
    
    -----------------------------------------------------------------------
    Richard Offer                     Technical Lead, Trust Technology, SGI
    "Specialization is for insects"
    _______________________________________________________________________
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
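
Added example, not part of the original message or of the SELinux prototype: a userspace C model of the pattern in the quoted comment, where a precondition check attaches a security blob to a task that existed before the module loaded. Apart from task_precondition, every struct, function and SID name is hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name and SID value here is hypothetical. */
#define SID_UNLABELED 1u  /* constructed default for pre-existing tasks */
#define SID_INIT      2u  /* constructed label inherited at creation */

struct task_blob { unsigned sid; };
struct task { int pid; struct task_blob *security; };

static int module_loaded;
static unsigned lazy_assignments, last_old_sid;

static struct task_blob *new_blob(unsigned sid) {
    struct task_blob *b = malloc(sizeof *b);
    if (b) b->sid = sid;
    return b;
}

/* Allocation hook: a no-op until the module is registered. */
static void hook_task_alloc(struct task *t, unsigned parent_sid) {
    if (module_loaded) t->security = new_blob(parent_sid);
}

/* Precondition: label a task that was created before module load. */
static int task_precondition(struct task *t) {
    if (t->security) return 0;
    if (!(t->security = new_blob(SID_UNLABELED))) return -1;
    lazy_assignments++;
    return 0;
}

/* Every other hook runs the precondition before reading a blob. */
static int hook_task_kill(struct task *src, struct task *dst) {
    if (task_precondition(src) || task_precondition(dst)) return -1;
    return src->security->sid == dst->security->sid ? 0 : -1; /* toy policy */
}

/* Returns how many blobs had to be attached lazily. */
static unsigned run_scenario(void) {
    struct task old = { 1, NULL }, fresh = { 2, NULL };
    lazy_assignments = 0;
    module_loaded = 0; hook_task_alloc(&old, SID_INIT);   /* no blob yet */
    module_loaded = 1; hook_task_alloc(&fresh, SID_INIT); /* labelled at birth */
    hook_task_kill(&fresh, &old);  /* first use labels `old` */
    hook_task_kill(&fresh, &old);  /* second use finds the blob in place */
    last_old_sid = old.security ? old.security->sid : 0;
    free(old.security); free(fresh.security);
    return lazy_assignments;
}

int main(void) { printf("lazy assignments: %u\n", run_scenario()); return 0; }
```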
    



    This archive was generated by hypermail 2b30 : Fri Aug 24 2001 - 20:30:53 PDT