* Michael Halcrow (mike@private) wrote:
> For final review before sending them off to LKML. Please let me know
> if anything looks amiss. This is in support of the BSD Secure Levels
> LSM that follow.
Looks basically fine. Are you sure you got all callers of
do_settimeofday? I'm not sure how the user interfaces the one in
drivers/acorn/char/i2c.c, for example.
> + /* Call the Linux Security Module to perform its checks */
Remove unneeded comments like this.
> --- linux-2.6.7/security/commoncap.c 2004-06-16 00:19:13.000000000 -0500
> +++ linux-2.6.7_seclvl/security/commoncap.c 2004-08-05 10:32:11.000000000 -0500
> @@ -33,6 +33,14 @@
> return -EPERM;
> }
>
> +int cap_settime(struct timespec *ts, struct timezone *tz)
> +{
> + if (!capable (CAP_SYS_TIME))
> + return -EPERM;
> + else
> + return 0;
> +}
Can you kill the extra whitespace after capable and remove the else.
Just nitpick to keep in typical style.
> --- linux-2.6.7/security/dummy.c 2004-06-16 00:19:01.000000000 -0500
> +++ linux-2.6.7_seclvl/security/dummy.c 2004-08-05 10:32:11.000000000 -0500
> @@ -104,6 +104,13 @@
> return 0;
> }
>
> +static int dummy_settime (struct timeval *tv, struct timezone *tz)
> +{
> + if (!capable (CAP_SYS_TIME))
> + return -EPERM;
> + return 0;
Can you kill the extra whitespace after capable?
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
This archive was generated by hypermail 2.1.3 : Thu Aug 05 2004 - 17:26:47 PDT