* Stephen Smalley (sds@private) wrote: > On Wed, 2004-10-27 at 07:13, Serge E. Hallyn wrote: > > I always liked the trusted bsd approach of an array inode->i_security[NUM_LSMS] > > better. but this is more flexible than that, while hopefully faster and cleaner > > than the purely voluntary chaining approach. > > Did you ever try the hybrid approach suggested in > http://marc.theaimsgroup.com/?l=linux-security-module&m=108852419220859&w=2? > Two statically allocated entries for primary and secondary module, then > voluntary chaining using a common header (possibly embedded). That > seems like a more promising approach to me than the hashtable. Might as well just do one or the other. Once there's more than one, there's composition issue that the core has to deal with. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
This archive was generated by hypermail 2.1.3 : Wed Oct 27 2004 - 10:02:35 PDT