On Thu, Oct 17, 2002 at 09:04:02PM +0100, Christoph Hellwig wrote: > On Thu, Oct 17, 2002 at 12:07:23PM -0700, Greg KH wrote: > > But this will require every security module project to petition for a > > syscall, which would be a pain, and is the whole point of having this > > sys_security call. > > And the whole point of the reemoval is to not make adding syscalls > easy. Adding a syscall needs review and most often you actually want > a saner interface. Ok, I think it's time for someone who actually cares about the security syscall to step up here to try to defend the existing interface. I'm pretty sure Ericsson, HP, SELinux, and WireX all use this, so they need to be the ones defending it. > > How would they be done differently now? Multiple different syscalls? > > Yes. Hm, in looking at the SELinux documentation, here's a list of the syscalls they need: http://www.nsa.gov/selinux/docs2.html That's a lot of syscalls :) thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Oct 17 2002 - 13:11:22 PDT