Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2

• Previous message: Stephen Smalley: "Re: [RFC] No more module_* hooks"
• In reply to: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Next in thread: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Reply: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Reply: James Morris: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 27, 2002 at 08:55:52PM +0200, Olaf Dietsche wrote:
>  
> +static int cap_ip_prot_sock (int port)
> +{
> +	if (port && port < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
> +		return -EACCES;
> +
> +	return 0;
> +}
> +

Do we really want to force all of the security modules to implement this
logic (yes, it's the same discussion again...)

As for the ip_prot_sock hook in general, does it look ok to the other
developers?

thanks,

greg k-h
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Previous message: Stephen Smalley: "Re: [RFC] No more module_* hooks"
• In reply to: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Next in thread: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Reply: Olaf Dietsche: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Reply: James Morris: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 14:49:35 PDT