Re: User space API definition?

• Previous message: Magos�nyi �rp�d: "User space API definition?"
• In reply to: Magos�nyi �rp�d: "User space API definition?"
• Next in thread: Magos�nyi �rp�d: "Re: User space API definition?"
• Next in thread: Chris Wright: "Re: User space API definition?"
• Reply: Magos�nyi �rp�d: "Re: User space API definition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2003-08-12 at 13:40, Magosányi Árpád wrote:
> Hi!
> 
> What about the idea of defining a generic user space API which
> all security modules could provide?
> 
> For application writer there is now a problem of "which security
> module to support?". A generic API would eliminate the problem.

The /proc/pid/attr and xattr APIs already provide a generic way of
dealing with process and file security attributes, and are part of 2.6. 
The SELinux API is implemented using these interfaces plus an additional
pseudo filesystem for the security policy API, as that is specific to
SELinux (but generally suitable for MAC security policies).

-- 
Stephen Smalley <sdsat_private>
National Security Agency

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: User space API definition?"
• Previous message: Magos�nyi �rp�d: "User space API definition?"
• In reply to: Magos�nyi �rp�d: "User space API definition?"
• Next in thread: Magos�nyi �rp�d: "Re: User space API definition?"
• Next in thread: Chris Wright: "Re: User space API definition?"
• Reply: Magos�nyi �rp�d: "Re: User space API definition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Aug 12 2003 - 10:54:01 PDT