Re: [PATCH] no longer export capability_ops and nproc_ops

• Previous message: Chris Wright: "[PATCH] no longer export capability_ops and nproc_ops"
• In reply to: Chris Wright: "[PATCH] no longer export capability_ops and nproc_ops"
• Next in thread: Chris Wright: "Re: [PATCH] no longer export capability_ops and nproc_ops"
• Reply: Chris Wright: "Re: [PATCH] no longer export capability_ops and nproc_ops"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 7 Nov 2001, Chris Wright wrote:

> Is anyone still using the capabilty_ops directly instead of stacking
> with capability module?
> 
> I don't think we need to export capability_ops and nproc_ops any longer.
> 
> Thoughts/flames?
> 
> -chris


I use capability_plug.o to stack in my prototype.  Direct access is not
within the LSM paradigm, I think.  How does not-exporting this advantage
LSM, specifically?

Based on the concept that there must be "arguable functionality" for every
change.

J. Melvin Jones


> 
> 
> ===== security/capability.c 1.75 vs edited =====
> --- 1.75/security/capability.c	Tue Nov  6 00:19:18 2001
> +++ edited/security/capability.c	Wed Nov  7 11:28:21 2001
> @@ -1331,7 +1331,5 @@
>  module_init (capability_init);
>  module_exit (capability_exit);
>  
> -EXPORT_SYMBOL (capability_ops);
> -
>  MODULE_DESCRIPTION("Standard Linux Capabilities Security Module");
>  MODULE_LICENSE("GPL");
> ===== security/nproc.c 1.7 vs edited =====
> --- 1.7/security/nproc.c	Fri Nov  2 10:35:34 2001
> +++ edited/security/nproc.c	Wed Nov  7 11:28:41 2001
> @@ -1180,8 +1180,6 @@
>  module_init (nproc_init);
>  module_exit (nproc_exit);
>  
> -EXPORT_SYMBOL(nproc_ops);
> -
>  MODULE_DESCRIPTION("LSM implementation of the Openwall kernel patch adding RLIMIT_NPROC limitation to execve");
>  MODULE_LICENSE("GPL");
>  
> ===== security/Makefile 1.10 vs edited =====
> --- 1.10/security/Makefile	Tue Nov  6 00:19:18 2001
> +++ edited/security/Makefile	Wed Nov  7 13:46:34 2001
> @@ -9,7 +9,7 @@
>  subdir-$(CONFIG_SECURITY_DTE)		+= dte
>  
>  # Objects that export symbols
> -export-objs	:= security.o capability.o nproc.o
> +export-objs	:= security.o
>  
>  # Object file lists
>  obj-y		:= security.o dummy.o
> 
> _______________________________________________
> linux-security-module mailing list
> linux-security-module@wirex.com
> http://mail.wirex.com/mailman/listinfo/linux-security-module
> 


|>------------------------------------------------------
||  J. MELVIN JONES            jmjones@jmjones.com 
|>------------------------------------------------------
||  Microcomputer Systems Consultant  
||  Software Developer
||  Web Site Design, Hosting, and Administration
||  Network and Systems Administration
|>------------------------------------------------------
||  http://www.jmjones.com/
|>------------------------------------------------------




_______________________________________________
linux-security-module mailing list
linux-security-module@wirex.com
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: [PATCH] no longer export capability_ops and nproc_ops"
• Previous message: Chris Wright: "[PATCH] no longer export capability_ops and nproc_ops"
• In reply to: Chris Wright: "[PATCH] no longer export capability_ops and nproc_ops"
• Next in thread: Chris Wright: "Re: [PATCH] no longer export capability_ops and nproc_ops"
• Reply: Chris Wright: "Re: [PATCH] no longer export capability_ops and nproc_ops"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 07 2001 - 15:16:43 PST