Re: [RFC][PATCH] Add LSM sysctl hook to 2.5.59

• Previous message: Stephen D. Smalley: "Re: [RFC][PATCH] Add LSM sysctl hook to 2.5.59"
• Maybe in reply to: Stephen D. Smalley: "[RFC][PATCH] Add LSM sysctl hook to 2.5.59"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Crispin Cowan wrote:
>     * modules that don't care about sysctl can just ignore it and say
>       "ok" to everything
>     * modules that just want to be blunt can block sysctl for every
>       process that isn't, e.g.  root
>     * modules that want to be fine-grained about it can implement their
>       own data structures to track who can do what

The existing hook supports all three forms above.  

--
Stephen Smalley, NSA
sdsat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "[ANNOUNCE] 2.5.59-lsm1"
• Previous message: Stephen D. Smalley: "Re: [RFC][PATCH] Add LSM sysctl hook to 2.5.59"
• Maybe in reply to: Stephen D. Smalley: "[RFC][PATCH] Add LSM sysctl hook to 2.5.59"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jan 21 2003 - 07:33:22 PST