Re: User space API definition?

• Previous message: Chris Wright: "Re: User space API definition?"
• In reply to: Stephen Smalley: "Re: User space API definition?"
• Next in thread: richard offer: "Re: User space API definition?"
• Next in thread: Chris Wright: "Re: User space API definition?"
• Reply: richard offer: "Re: User space API definition?"
• Reply: Stephen Smalley: "Re: User space API definition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2003-08-12, k keltezéssel Stephen Smalley ezt írta:
 
> The /proc/pid/attr and xattr APIs already provide a generic way of
> dealing with process and file security attributes, and are part of 2.6. 
> The SELinux API is implemented using these interfaces plus an additional
> pseudo filesystem for the security policy API, as that is specific to
> SELinux (but generally suitable for MAC security policies).

Could the SELinux API be a basis of a generic security module API?
Is it generizable enough? Is it C enough? A pseudo filesystem
might be a good implementation detail, but you cannot call it from an
application program. You need a function call interface to easily
use it.
 
-- 
GNU GPL: csak tiszta forrásból
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Casey Schaufler: "Re: About Auditing ..."
• Previous message: Chris Wright: "Re: User space API definition?"
• In reply to: Stephen Smalley: "Re: User space API definition?"
• Next in thread: richard offer: "Re: User space API definition?"
• Next in thread: Chris Wright: "Re: User space API definition?"
• Reply: richard offer: "Re: User space API definition?"
• Reply: Stephen Smalley: "Re: User space API definition?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Aug 12 2003 - 15:06:57 PDT