Re: [RFC] No more module_* hooks

• Previous message: Stephen Smalley: "Re: graft_tree/attach_mnt rfc"
• In reply to: Chris Wright: "Re: [RFC] No more module_* hooks"
• Next in thread: Chris Wright: "Re: [RFC] No more module_* hooks"
• Next in thread: Casey Schaufler: "Re: [RFC] No more module_* hooks"
• Reply: Chris Wright: "Re: [RFC] No more module_* hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 30 Sep 2002, Chris Wright wrote:

> This seems more than reasonable, but I believe we should consider
> collapsing capable() hooks into existing LSM hooks rather than the other
> way around.  How's that sound?

As long as we limit the scope of such collapsing to simple capable()
checks, and don't start trying to collapse complex access checks with
embedded capable() checks within them into the LSM hooks...

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private



_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Serge E. Hallyn: "Re: graft_tree/attach_mnt rfc"
• Previous message: Stephen Smalley: "Re: graft_tree/attach_mnt rfc"
• In reply to: Chris Wright: "Re: [RFC] No more module_* hooks"
• Next in thread: Chris Wright: "Re: [RFC] No more module_* hooks"
• Next in thread: Casey Schaufler: "Re: [RFC] No more module_* hooks"
• Reply: Chris Wright: "Re: [RFC] No more module_* hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 30 2002 - 05:47:16 PDT