On Thu, Apr 24, 2003 at 08:55:46AM -0400, Stephen Smalley wrote: > attributes. Andreas Gruenbacher had suggested during the earlier thread > that we use something like the xattr_trusted.c attribute handler, so > that a single xattr handler would cover all security modules but each > security module could have its own attribute name (security.selinux, > security.dte, security.capabilities, etc). As I explained during that > thread, I don't think we want to use the trusted attribute handler > itself due to its permission checking model, Hmm, what would you think of changing the xattr_trusted security model to fit your needs? It's so far unused outside XFS and there's maybe a chance changing it. > but it would be easy to > make the xattr_security.c handler more like xattr_trusted.c in terms of > allowing arbitrary extensions of a "security." prefix. Is that more to > your liking, or do you truly want a separate handler for each security > module? It's fine with me. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Apr 24 2003 - 06:04:26 PDT