Re: [RFC] No more module_* hooks

• Previous message: Alan Cox: "Re: [RFC] LSM changes for 2.5.38"
• In reply to: Stephen Smalley: "Re: [RFC] No more module_* hooks"
• Next in thread: Greg KH: "Re: [RFC] No more module_* hooks"
• Next in thread: Casey Schaufler: "Re: [RFC] No more module_* hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Stephen Smalley (sdsat_private) wrote:
> 
> On Mon, 30 Sep 2002, Chris Wright wrote:
> 
> > This seems more than reasonable, but I believe we should consider
> > collapsing capable() hooks into existing LSM hooks rather than the other
> > way around.  How's that sound?
> 
> As long as we limit the scope of such collapsing to simple capable()
> checks, and don't start trying to collapse complex access checks with
> embedded capable() checks within them into the LSM hooks...

Yup, I agree.
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Stephen Smalley: "Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2"
• Previous message: Alan Cox: "Re: [RFC] LSM changes for 2.5.38"
• In reply to: Stephen Smalley: "Re: [RFC] No more module_* hooks"
• Next in thread: Greg KH: "Re: [RFC] No more module_* hooks"
• Next in thread: Casey Schaufler: "Re: [RFC] No more module_* hooks"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Sep 30 2002 - 09:52:34 PDT