Re: netlink_send for dummy.c

From: Chris Wright (chrisat_private)
Date: Thu Nov 01 2001 - 10:54:31 PST

  • Next message: Emily Ratliff: "Re: [Linux-security-module-commit] lsm tree change 1.243"

    * James Morris (jmorrisat_private) wrote:
    > On Wed, 31 Oct 2001, Chris Wright wrote:
    > 
    > > the current netlink_send in dummy.c actually uses capabilities.  this is
    > > not the end of the world, but is a bit of a hack.
    > >
    > > admittedly, this is just another hack ;-)  but i'd say it's closer to
    > > the dummy charter (superuser permsisions).  since we do not have a
    > > blob in netlink_skb_parms (we've talked about this a few times), we can
    > > steal the eff_cap for dummy's needs.
    > >
    > > thoughts/flames?
    > >
    > 
    > I'm don't think that we should overload the eff_cap field in this way, and
    > it is still just replacing one hack with another as you mention.
    
    fair enough.  although, if we had a blob in netlink_skb_parms i suspect
    the right answer would be store the euid.  short term, we can leave it
    the way it is ;-)
    
    -chris
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Nov 01 2001 - 11:00:28 PST