Re: [RFC] LSM changes for 2.5.38

• Previous message: Greg KH: "Re: [RFC] No more module_* hooks"
• In reply to: Stephen Smalley: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Antony Stone: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Antony Stone: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 27, 2002 at 08:09:50AM -0400, Stephen Smalley wrote:
> 
> > Also is there a _real_ need to pass in all the arguments?
> 
> Define _real_.  It is true that none of the existing open source security
> modules presently use this particular hook.  SELinux doesn't presently use
> it, but it seems reasonable to support finer-grained control over ioperm()
> than the all-or-nothing CAP_SYS_RAWIO.  Is the criteria that every hook
> and every parameter to every hook must be used by an existing open source
> security module?  If so, then yes, this hook can be dropped.

Yes, I think that is the criteria for any security hook.  So it (and
others) should be dropped.

thanks,

greg k-h
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Casey Schaufler: "Re: [RFC] No more module_* hooks"
• Previous message: Greg KH: "Re: [RFC] No more module_* hooks"
• In reply to: Stephen Smalley: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Antony Stone: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Antony Stone: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 09:36:24 PDT