On Fri, Oct 18, 2002 at 01:31:35AM -0700, Crispin Cowan wrote: > That's interesting. Passing a completely opaque value (actually an > integer) through the system call was exactly what we designed it to do, > because we saw a design need for pecisely that: so that applications > with awareness of a specific module can talk to the module. > > Could you elaborate on why this is a sign of trouble, design wise? Because we already have such a syscall (ioctl) and we see the trouble it causes all over the place. Design yur interfaces properly instead. > >If we do things such as the fs stacking or fs filter ideas, > >that eliminates a whole swath of the facilities the security_ops > >"provide". No ugly syscalls passing opaque types through the kernel > >to some magic module, but rather a real facility that is useful > >to many things other than LSM. > > > Yes, that will be wonderful. And the LSM team will be pleased to re-work > the desing when stackable file systems appear and we can take advantage > of them. So do it know. It's possible and it just shows you've sent the LSM crap without actually thinking about a better design. Come back when you have a proper design. and btw, as LSM is part of the kernel anyone can and will change it. Your LSM team attitude is a bit like that hated CVS mentality.. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Oct 18 2002 - 05:53:22 PDT