The attached patches for lsm 2.4 and 2.5 add a hook to the reparent_to_init function and move the capability-specific logic from this function into the capabilities module. The patches also add at least stub hook functions to each security module in the tree.

For the dummy security module, I wasn't certain whether to leave the hook function empty or to set the euid and fsuid to 0. The original reparent_to_init function only sets the capability fields, not the [e|fs]uid fields, but code that uses reparent_to_init will likely break if we do not set these fields in the dummy module so that subsequent capable() calls will succeed. Hence, it may be best if I add code to set the euid and fsuid in the dummy (and owlsm) modules prior to committing these patches.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private
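The trade-off raised in the message above, as an added userspace model in C; it is not code from the attached patches or from the kernel. All struct, function and constant names are simplified assumptions, including the assumption that the dummy module's capable() decision rests on euid/fsuid while the capabilities module's rests on the capability sets.

```c
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: every name below is a simplified assumption. */
enum { CAP_MODEL_ADMIN = 0, CAP_MODEL_FS = 1 };
struct task { unsigned euid, fsuid, cap_effective, cap_permitted; };
struct security_ops {
    bool (*capable)(const struct task *t, int cap);
    void (*task_reparent_to_init)(struct task *t);
};

/* Capabilities module: decisions come from the capability sets. */
static bool cap_capable(const struct task *t, int cap) { return (t->cap_effective >> cap) & 1u; }
static void cap_reparent(struct task *t) { t->cap_effective = t->cap_permitted = ~0u; }

/* Dummy module (assumed superuser model): decisions come from euid/fsuid. */
static bool dummy_capable(const struct task *t, int cap)
{
    return cap == CAP_MODEL_FS ? t->fsuid == 0 : t->euid == 0;
}
static void dummy_reparent_empty(struct task *t) { (void)t; }
static void dummy_reparent_setuid(struct task *t) { t->euid = t->fsuid = 0; }

const struct security_ops capability_ops = { cap_capable, cap_reparent };
const struct security_ops dummy_empty_ops = { dummy_capable, dummy_reparent_empty };
const struct security_ops dummy_setuid_ops = { dummy_capable, dummy_reparent_setuid };

/* Generic code after the change: no capability fields are touched here. */
static void reparent_to_init(struct task *t, const struct security_ops *ops)
{
    ops->task_reparent_to_init(t);
}

/* A thread started from an unprivileged context (constructed values)
 * reparents itself, then asks for a privilege. */
bool capable_after_reparent(const struct security_ops *ops, int cap)
{
    struct task t = { .euid = 1000, .fsuid = 1000, .cap_effective = 0, .cap_permitted = 0 };
    reparent_to_init(&t, ops);
    return ops->capable(&t, cap);
}

int main(void)
{
    printf("capability module:  %d\n", capable_after_reparent(&capability_ops, CAP_MODEL_ADMIN));
    printf("dummy, empty hook:  %d\n", capable_after_reparent(&dummy_empty_ops, CAP_MODEL_ADMIN));
    printf("dummy, uid-setting: %d\n", capable_after_reparent(&dummy_setuid_ops, CAP_MODEL_FS));
    return 0;
}
```

In this model the empty dummy hook leaves the reparented thread failing its later privilege check, while the uid-setting hook and the capabilities module both let it pass.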
This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 14:00:52 PDT