On Fri, 31 Aug 2001, Lachlan McIlroy wrote: > I've attached a patch that moves some lines in newque/ > newary/newseg so that the key and flag arguments are > available when new messages/semaphores/segments are > created. The alternative to this change is to add the > arguments to the hooks but I thought this would be less > invasive. Any objections? Hmm...this seems a little inconsistent with the other alloc_security hooks, but it is probably reasonable in this case. For objects like inodes, we have separate hooks for allocating the security blob (alloc_security) and setting the attributes in it (post_lookup, post_create, ...). Likewise for sockets, allocation is handled by the inode_ops->alloc_security, while the setting of attributes is handled by socket_ops->post_create and accept. But there doesn't seem to be much point in providing two separate hooks for the System V IPC objects, since they would merely be separated by a few lines of code. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Aug 31 2001 - 07:45:40 PDT