Re: [PATCH][RFC] Remove kmod_set_label hook

• Previous message: Chris Wright: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• In reply to: Stephen D. Smalley: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• Next in thread: Russell Coker: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 26 Mar 2003 12:56:31 EST, "Stephen D. Smalley" said:

> into misusing its privileges.  Keep in mind that at least some of these
> jobs execute user mode helpers, e.g. modprobe, and imposing
> restrictions on these user mode helpers may be useful, e.g. limiting

Ahh.. THAT was the part I forgot. ;)  So the actual jobs are running
in trusted mode but we keep a security context in case they call
untrusted userspace code.  Yeah, we'd want to do that. ;)

• application/pgp-signature attachment: stored

• Next message: Chris Wright: "Re: [PATCH][RFC] Remove inode_permission_lite hook"
• Previous message: Chris Wright: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• In reply to: Stephen D. Smalley: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• Next in thread: Russell Coker: "Re: [PATCH][RFC] Remove kmod_set_label hook"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 26 2003 - 10:13:29 PST