Re: [RFC] No more module_* hooks

From: Greg KH (gregat_private)
Date: Mon Sep 30 2002 - 11:17:40 PDT

  • Next message: Greg KH: "Re: [RFC] No more module_* hooks"

    On Mon, Sep 30, 2002 at 12:52:07AM -0700, Chris Wright wrote:
    > * Stephen Smalley (sdsat_private) wrote:
    > > 
    > > All of the hooks in the 2.5.38-lsm-ipc.patch are used by SELinux.  Of the
    > > hooks in the 2.5.38-lsm-misc.patch, the following hooks appear to be
    > > unused by the existing security modules:
    > > 	sethostname
    > > 	setdomainname
    > > 	reboot
    > > 	ioperm
    > > 	iopl
    > > 	module_*
    > 
    > All of the above hooks are used by SubDomain.
    
    Is subdomain going to be released under the GPL anytime soon?
    
    And is there any reason you can't use the capabilities check for these
    hooks, like SELinux does?  From what I remember, SubDomain didn't check
    these hooks in the past with any finer-grained access rights from what
    capabilities would give you, or am I forgetting things?
    
    thanks,
    
    greg k-h
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon Sep 30 2002 - 11:20:20 PDT