Re: [RFC] No more module_* hooks

From: Stephen Smalley (sdsat_private)
Date: Fri Sep 27 2002 - 14:07:24 PDT

  • Next message: Greg KH: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"

    On Fri, 27 Sep 2002, Greg KH wrote:
    
    > Obviously the module_* hooks were wrong to do, as they are not being
    > used.  So I want to remove them.
    >
    > I think we should go back through all of the hooks and check to make
    > sure that they are in use, and that they are sanely protecting what we
    > think they are protecting, before we submit them to the main kernel
    > tree.
    >
    > Is this ok?
    
    All of the hooks in the 2.5.38-lsm-ipc.patch are used by SELinux.  Of the
    hooks in the 2.5.38-lsm-misc.patch, the following hooks appear to be
    unused by the existing security modules:
    	sethostname
    	setdomainname
    	reboot
    	ioperm
    	iopl
    	module_*
    
    The other hooks are used, except for swapoff, but I think that is a bug in
    the SELinux module; it should be enforcing a consistent control over
    swapon and swapoff.  Note that these two hooks were originally a single
    hook in Wayne's original patch, but were split at the request of others on
    the list.
    
    --
    Stephen D. Smalley, NAI Labs
    ssmalleyat_private
    
    
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 14:09:24 PDT