On Thu, 1 Nov 2001, Stephen Smalley wrote: > I don't think it is a good idea to overload eff_cap in this way. Also, > does this even compile if you define STRICT_CAP_T_TYPECHECKS in > include/linux/capability.h? I'd suggest leaving it alone. Actually, I see that the existing code would also break if this were defined, but so would core kernel code, so maybe STRICT_CAP_T_TYPECHECKS doesn't matter. Nonetheless, it seems dangerous to start using eff_cap to store uids. It also creates greater likelihood of bad interactions among stacked modules. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Nov 01 2001 - 06:49:21 PST