* David Wheeler (dwheelerat_private) wrote: > I believe that several functions in Openwall don't > require any additional information in the kernel data structures. > Would it be possible to split out those capabilities into > a "partial openwall" module that implements those features? > I'm thinking about things like the Non-executable stack, > temp directory limitations, etc. That way, those functions could > be added to any system using insmod. The owlsm module is compile time configurable, and it is possible to compile it such that it doesn't use the security blob. This isn't documented, however, disabling CONFIG_OWLSM_FD should do it for now. As others have mentioned, the non-executable stack is not likely to go in because the patch is not easily put in LSM terms. cheers, -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Apr 01 2002 - 18:58:48 PST