* Stephen Smalley (sdsat_private) wrote: > > The attached patches for lsm 2.4 and 2.5 add a hook to the > reparent_to_init function and move the capability-specific logic > from this function into the capabilities module. The patches also add at > least stub hook functions to each security module in the tree. > > For the dummy security module, I wasn't certain whether to leave the > hook function empty or to set the euid and fsuid to 0. The original > reparent_to_init function only sets the capability fields, not the > [e|fs]uid fields, but code that uses reparent_to_init will likely break if > we do not set these fields in the dummy module so that subsequent > capable() calls will succeed. Hence, it may be best if I add code to set > the euid and fsuid in the dummy (and owlsm) modules prior to committing > these patches. This looks sane, althgough I do think we'll need the dummy/owlsm hook filled in. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 11 2002 - 18:06:32 PDT