Re: [RFC] LSM changes for 2.5.38

• Previous message: Greg KH: "Re: [RFC] LSM changes for 2.5.38"
• In reply to: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 27 Sep 2002 17:55:10 BST, Christoph Hellwig said:

> And WTF is the use a security policy that checks module arguments?  Do
> you want to disallow options that are quotes from books on the index
> or not political correct enough for a US state agency?

How about a security policy that says:

1) Thou mayest do an 'modprobe wvlan_cs'

2) Thou mayest not do 'modprobe wvlan_cs eth=0'.

'eth=0' causes it to create the interface as 'wvlan0' 'wvlan1' etc rather
than 'eth0', 'eth1', etc.  This makes a difference if you have iptables
rules that say '-i eth+' or '-i wvlan+' that implement different rulesets
for wireless and hard-wired connections.
-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

• application/pgp-signature attachment: stored

• Next message: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Previous message: Greg KH: "Re: [RFC] LSM changes for 2.5.38"
• In reply to: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 11:10:29 PDT