> On Mon, 16 Aug 2004, Serge Hallyn wrote:
>
> > Attached is a proposed patch to allow LSM's to hide the existence of
> > network interfaces. This appears to require more than one pair of
> > hooks. The netdev_* hooks are generic network device hooks. The inet_*
> > hooks are for internet devices. The latter know about device aliases,
> > such as eth0:0.
>
> What security purpose does it serve to hide the existence of a network
> interface?
>
> I don't think this patch has much chance of upstream acceptance.

Is this the generally accepted view? My hope was that the fact that
these will not affect networking performance would make them more
acceptable.

Is there a different approach which people think would be more
acceptable, by either being less intrusive, or by providing benefits to
other LSM's?

thanks,
-serge
This archive was generated by hypermail 2.1.3 : Tue Aug 24 2004 - 16:29:23 PDT