Re: Clarifications of LSM API

From: Stephen Smalley (sds@private)
Date: Tue Jun 29 2004 - 12:21:40 PDT

Next message: Tomas Olsson: "Re: Clarifications of LSM API"

Previous message: Tomas Olsson: "Re: Clarifications of LSM API"
In reply to: Tomas Olsson: "Re: Clarifications of LSM API"
Next in thread: Tomas Olsson: "Re: Clarifications of LSM API"
Reply: Tomas Olsson: "Re: Clarifications of LSM API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2004-06-29 at 15:08, Tomas Olsson wrote:
> The reason I asked, of course, is that I implemented a small jail-ish
> LSM. It uses the process security blob, and hooks alloc/free. Then I found
> that on some common distros, I lose. Due to existing LSMs in combination
> with the current, restricting stacking.

Did you look at Serge's BSD jail module? I think that the last posted
version was:
http://marc.theaimsgroup.com/?l=linux-security-module&m=108456827111544&w=2

That doesn't help you with the stacking problem, but might be of
interest.

-- 
Stephen Smalley <sds@private>
National Security Agency

Next message: Tomas Olsson: "Re: Clarifications of LSM API"
Previous message: Tomas Olsson: "Re: Clarifications of LSM API"
In reply to: Tomas Olsson: "Re: Clarifications of LSM API"
Next in thread: Tomas Olsson: "Re: Clarifications of LSM API"
Reply: Tomas Olsson: "Re: Clarifications of LSM API"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jun 29 2004 - 12:22:30 PDT