On Thu, Sep 06, 2001 at 02:18:09PM +1000, Lachlan McIlroy wrote: > > Any other reasons for or against this idea are welcome... > but 'general reasons' will be frowned upon. How about the "general reason" that it's up to the module that is doing the stacking to handle all of this itself? :) Seriously, stacking modules is not nice. I know people want to do it, and more power to you, that's why the hooks in the register security module function are there for you. If you do it, you had _better_ know what you are stacking, and handle all of the passing the blobs around properly. But defining a common header right now doesn't make much sense. But if people are willing to move their security projects into the kernel tree then some kind of commonality could be done in the future. I do recommend using a "magic value" as the first field of the security blob like Stephen mentioned. That's just good defensive programming. In short, if you want to do module stacking, you have to do all the heavy lifting yourself. thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Sep 06 2001 - 10:56:55 PDT