On Mon, 1 Apr 2002, David Wheeler wrote: > Can OWLSM (openwall for LSM) and/or LIDS > be stacked with SELinux? In particular, it seems like > Openwall would be useful to stack with SELinux. Not currently. At present, the SELinux security module only functions as a primary security module and provides minimal support for using either the dummy security module (traditional superuser logic) or the capabilities security module as a secondary security module. The recommended configuration is to use SELinux with capabilities. The dummy and capabilities security modules are easy to stack with SELinux because they do not use the security fields LSM added to the kernel data structures. Stacking the SELinux module with any module that does use these fields will require the definition of a common security object header with a module identifier and a link for chaining multiple security objects on a single security field. This has not yet been a priority for us. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Apr 01 2002 - 12:53:28 PST