On Wed, 10 Jul 2002, Greg KH wrote: > I'd be glad to start feeding them, but want to see the following done > first: > - split out the "non LSM" patches from the tree and send those > first. Ok. Do you want/need help in splitting out these patches, or are you and/or Chris already working on this task? > - either remove, or provide a config option to remove the > network hooks. Robert Love gave me the idea of how to make > them configurable that I'd be glad to do if someone wants me > to. Actually, I could make all the hooks configurable if we > want to (header file judo is fun :) I don't think we want to make all the hooks configurable unless we are specifically told to do so by the kernel developers, as that seems contrary to Linus' original guidance. I'd suggest only making the network hooks configurable initially, and only the most sensitive ones (e.g. possibly the IPv4 networking hooks and the sk_buff hooks, but probably not the socket layer hooks). But Chris and James seem to think that we should wait on even making these hooks configurable until after the networking maintainers ask for such changes, and that makes sense to me as well. Is that ok with you? -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 05:31:40 PDT