Re: Submitting LSM (Was: Re: OLS Bof info)

• Previous message: Greg KH: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• In reply to: Greg KH: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Next in thread: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Next in thread: Chris Wright: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Reply: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Greg KH (gregat_private) wrote:
> On Thu, Jul 11, 2002 at 08:30:39AM -0400, Stephen Smalley wrote:
> > 
> > On Wed, 10 Jul 2002, Greg KH wrote:
> > 
> > > I'd be glad to start feeding them, but want to see the following done
> > > first:
> > > 	- split out the "non LSM" patches from the tree and send those
> > > 	  first.
> > 
> > Ok.  Do you want/need help in splitting out these patches, or are you
> > and/or Chris already working on this task?
> 
> I had the impression that Chris was going to do this, I'm currently not.
> So yes, any help would be appreciated.  If someone wants to send me
> these patches, I'll add them to a bk tree to send to Linus.

I had intended to do this splitting.  I don't expect to have time this
week, so if you want to start pushing sooner feel free.  Stephen, could you
propose a reparent_to_init hook for review?

> > > 	- either remove, or provide a config option to remove the
> > > 	  network hooks.  Robert Love gave me the idea of how to make
> > > 	  them configurable that I'd be glad to do if someone wants me
> > > 	  to.  Actually, I could make all the hooks configurable if we
> > > 	  want to (header file judo is fun :)
> > 
> > I don't think we want to make all the hooks configurable unless we are
> > specifically told to do so by the kernel developers, as that seems
> > contrary to Linus' original guidance.  I'd suggest only making the network
> > hooks configurable initially, and only the most sensitive ones (e.g.
> > possibly the IPv4 networking hooks and the sk_buff hooks, but probably not
> > the socket layer hooks).  But Chris and James seem to think that we should
> > wait on even making these hooks configurable until after the networking
> > maintainers ask for such changes, and that makes sense to me as well.  Is
> > that ok with you?
> 
> I think we should initially not submit the network stuff at all.  Then,
> after the main lsm patch is in, add the network stuff as a separate
> configuration option.  I figure all the main battles will have taken
> place by then, so we can just focus on the network issues.
> 
> Sound good?

That's how I see it as well.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Previous message: Greg KH: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• In reply to: Greg KH: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Next in thread: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Next in thread: Chris Wright: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Reply: Stephen Smalley: "Re: Submitting LSM (Was: Re: OLS Bof info)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 11:15:24 PDT