Re: Basic questions about LSM architecture.

From: rhys tucker (rhystuckerat_private)
Date: Mon Nov 26 2001 - 09:28:15 PST

  • Next message: Chris Wright: "Re: Basic questions about LSM architecture."

    >On Sun, Nov 25, 2001 at 03:36:37PM +0000, rhys tucker wrote:
    >> Does the 'Primary Security Module' refer to a particular and specialised
    >> security module or simply to the first security module to be loaded?
    25/11/2001 17:24:10, Greg KH <gregat_private> wrote:
    >I don't see where the term "Primary Security Module" is used in the
    >documentation.  Could you point it out to me?
    This is from a document by Smalley, Fraser and Vance at
    The document reads (/\<.*?\>//g)
    "The global security_ops table is initialized to a set of hook
    functions provided by a dummy security module that provides
    traditional superuser logic.  A  register_security
    function (in security/security.c) is provided to
    allow a security module to set security_ops to refer to its own hook
    functions, and an unregister_security function is
    provided to revert security_ops to the dummy module hooks.  This
    mechanism is used to set the primary security module, which is
    responsible for making the final decision for each hook."
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon Nov 26 2001 - 09:28:51 PST