dwheelerat_private wrote: >ObNote: Actually, the ID convention was my idea/fault. >Richard just removed the "-n" flag from echo. > Sorry. >I'd really prefer that the module expose its ID - if the module has one - >to the multiplex module. If the module doesn't have an id, >it can just pass a bogus one (say "0"). Many modules _are_ using the id >as a formal part of the interface when dealing with sys_security anyway. > That seems ok, so long as it does not mandate that a module *must* have an ID. >Currently, the multiplex module has to recompute the id if there is one. > I see your problem. >It's also dangerous if a module does not follow the >current documented convention. For example, SELinux follows the >original convention I suggested (using "-n"), so I have to special-case >selinux (and the special case makes it harder for SELinux to change >their id, should they choose to do so). All of this is unnecessary - >if SELinux provided its id (which it knows anyway). > Using a protocol consistently is important for interop. Film at 11 :) Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX Communications, Inc. http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Jul 20 2002 - 23:25:35 PDT