jmjonesat_private wrote: >On Tue, 4 Sep 2001, richard offer wrote: > >>In particular, I'm not adding any security specifics to the patch. LSM is >>it. Which is why we still want FD's :-) >> >I still want userspace specified filenames, which I have "silenced" about >entirely on the assurance that 2.5 will change this. > We (WireX) want that too. It seems clear that the path of least resistance here is to do it the way Al Viro wants. >FD's are useful to me, in that regard, but, since they're indexes that >don't have "heft", I'd rather see the userspace-specified filename be >passed to the module, somehow (perhaps with PID and FD data, >simultaneously, or even INODE indexed, which interleaves into the current >paradigm for control.) > FD: Stage 2, unless someone has an access control motivation for them. JMJ: you've been hinting at your world-conquering LSM module for a while, but never told us what it is. DO you have an access control reason to want FDs? If so, please share it, and you may get them. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 16:08:21 PDT