Re: [PATCH][LSM] Early init for security modules and various cleanups

• Previous message: Roberto Nibali: "Re: OLS"
• In reply to: Stephen Smalley: "Re: [PATCH][LSM] Early init for security modules and various cleanups"
• Next in thread: Chris Wright: "Re: [PATCH][LSM] Early init for security modules and various cleanups"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stephen Smalley wrote:
> On Mon, 2003-06-02 at 06:44, Andrew Morton wrote:
> 
>>Chris Wright <chrisat_private> wrote:
>>
>>>security_capable() returns 0 if that capability bit is set. 
>>>
>>That's just bizarre.  Is there any logic behind it?
>>
> 
> The LSM access control hooks all return 0 on success (i.e. permission
> granted) and negative error code on failure, like most of the rest of
> the kernel interfaces (e.g. consider permission())

Maybe it should be called "security_incapable() and then the return code can be 
treated as a boolean true/false....


Chris

-- 
Chris Friesen                    | MailStop: 043/33/F10
Nortel Networks                  | work: (613) 765-0557
3500 Carling Avenue              | fax:  (613) 765-2986
Nepean, ON K2H 8E9 Canada        | email: cfriesenat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: [PATCH][LSM] Early init for security modules and various cleanups"
• Previous message: Roberto Nibali: "Re: OLS"
• In reply to: Stephen Smalley: "Re: [PATCH][LSM] Early init for security modules and various cleanups"
• Next in thread: Chris Wright: "Re: [PATCH][LSM] Early init for security modules and various cleanups"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 02 2003 - 07:42:00 PDT