Re: [PATCH][RFC] Remove kmod_set_label hook

From: Russell Coker (russellat_private)
Date: Wed Mar 26 2003 - 16:07:05 PST

  • Next message: Stephen D. Smalley: "Re: [PATCH][RFC] Remove kmod_set_label hook"

    On Thu, 27 Mar 2003 00:33, Chris Wright wrote:
    > > We have just had to change polity to allow the init program greater
    > > access than it would otherwise require because a kernel thread needed
    > > more access, which is not desirable.
    > Why?  The init in reparent_to_init is the initial kernel thread.  The
    > init program is exec'd late in bootup.  The exec can easily be a domain
    > transition for init.  What am I missing?
    See the thread concerning the following message:
    It seems that domain transitions aren't possible in this case.
    --   My NSA Security Enhanced Linux packages  Bonnie++ hard drive benchmark    Postal SMTP/POP benchmark  My home page
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Wed Mar 26 2003 - 16:07:42 PST