On Thu, Apr 18, 2002 at 03:20:06PM -0400, Steve Johnson wrote: > I did not know that the modules could not be mixed like that. Composing security policies is difficult -- it is still good research material. The LSM interface allows modules to stack, if they work together and were programmed with the intention of stacking. This ensures that the module authors were prepared to think about composition issues and helps to keep the interface clean and simple. > Is there a page that has more documentation on LSM itself? There is a DocBook file in the LSM kernel source tree, Documentation/DocBook/lsm.tmpl. I think it can be built by running "make psdocs" from the top level of your kernel source tree -- or, if you don't mind SGML markup, you can read it directly. :) Of course, if that file doesn't help you, you can read mail list archives here: http://mail.wirex.com/pipermail/linux-security-module/ Cheers :) -- UniNet InfoSec Conference April 15-20 http://infosec.uninet.edu
This archive was generated by hypermail 2b30 : Thu Apr 18 2002 - 12:40:43 PDT