Crispin Cowan <crispin@private> writes: > OTOH, I can see strong cases for stacking multiple modules in the > field, e.g. one container module (choose one of Subdomain, SELinux, > LIDS, Jail, DTE, etc.) and a list lof several point solutions such as > OWLSM (implements Openwall's hard/soft link protections), TPE (Trusted > Path), etc. Stacking in this case may be feasible if it is the case > that all the "point solution" modules do not use security blobs. > What about possibilities to extend the interface by allowing the modules to store blobs on their own, connected to the main blob? I guess it would involve passing a blob ** in all hooks, or possibly just a locator function pointer upon registration. Doable? /Tomas (naive optimist today)
This archive was generated by hypermail 2b30 : Wed Jun 30 2004 - 15:57:04 PDT