On Fri, Oct 18, 2002 at 06:30:28PM +0200, Russell Coker wrote: > So how does it harm the mainline kernel to have a system call reserved for LSM > and then not allow anything in the mainline kernel that uses it? Then we can > deploy modules using the current LSM design without harming the mainline > kernel. IT adds infrastructure to implement syscalls without peer review. End then it ends beeing crap like the selinux syscalls. > The only code that we really want to see in the mainline kernel is the hooks > for permission checks. Personally I would not mind if no security module > ever gets included in Linus' source tree. And exactly these hooks harm. They are all over the place, have performance and code size impact and mess up readability. Why can't you just maintain an external patch like i.e. mosix folks that nead similar deep changes? _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Oct 18 2002 - 09:34:29 PDT