Re: sys_security() status ?

From: Stephen Smalley (sdsat_private)
Date: Thu Aug 21 2003 - 11:37:15 PDT

  • Next message: Brian Pontz: "checking exec"

    On Thu, 2003-08-21 at 05:59, Philippe Biondi wrote:
    > I've seen long threads about removing or not sys_security().
    > I've seen that latest lsm patches for 2.4 and 2.5 have it.
    > I've seen that 2.6.0-test2 does not have it.
    > 
    > I don't want to trigger another flamewar about pros and cons.
    > 
    > Is there any definitive status about its presence or absence in LSM ?
    > If so, what is this status ?
    
    sys_security was removed from the mainline kernel last October, iirc, so
    no one should be relying on it for their security module API.
    
    We overhauled the SELinux API earlier this year based on feedback from
    the kernel developers, and were able to get the necessary supporting
    changes into the mainline kernel:
    - a /proc/pid/attr API for getting and setting process security
    attributes,
    - changes to LSM and a new xattr handler to support the use of extended
    attributes by security modules for file security attributes.
    
    The SELinux policy API was reimplemented as a pseudo filesystem,
    selinuxfs, based on the example provided by nfsd.
    
    -- 
    Stephen Smalley <sdsat_private>
    National Security Agency
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Thu Aug 21 2003 - 11:38:18 PDT