Re: question about bprm_ops->alloc_security(&bprm) (fwd)

• Previous message: Serge E. Hallyn: "Re: question about bprm_ops->alloc_security(&bprm)"
• In reply to: Chris Wright: "Re: question about bprm_ops->alloc_security(&bprm) (fwd)"
• Next in thread: Valdis.Kletnieksat_private: "Re: question about bprm_ops->alloc_security(&bprm) (fwd)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> i see two solutions to adding a new hook.
> 
> 1) rearrange kernel code path slightly, such that prepare_binprm(&bprm)
> happens after the copy_strings.  penalty is some basic simple sanity checking
> which could error out must wait until after a more costly copy_from_user.

Think this has been argued before, and i don't remember which way it went,
but my gut reaction this morning would be that adding one hook in one place
would be considered less intrusive than rearranging the existing code path.
I could be wrong.

-serge
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Valdis.Kletnieksat_private: "Re: question about bprm_ops->alloc_security(&bprm) (fwd)"
• Previous message: Serge E. Hallyn: "Re: question about bprm_ops->alloc_security(&bprm)"
• In reply to: Chris Wright: "Re: question about bprm_ops->alloc_security(&bprm) (fwd)"
• Next in thread: Valdis.Kletnieksat_private: "Re: question about bprm_ops->alloc_security(&bprm) (fwd)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 07 2002 - 06:50:23 PST