Re: [RFC] [PATCH] Replace security fields with hashtable

From: Stephen Smalley (sds@private)
Date: Fri Oct 29 2004 - 05:13:29 PDT

Previous message: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
In reply to: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Next in thread: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Next in thread: Chris Wright: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2004-10-28 at 15:50, Mimi Zohar wrote:
> None of the LSM security modules, other than perhaps Stacker, should be
> builtin, but
> should be loaded in the initrd.

Not an option for any security module that wants to label and control
all kernel objects, like SELinux.  SELinux required introduction of a
separate security_initcall() in order to support early initialization
before normal module initialization occurs, even for built-in modules.

-- 
Stephen Smalley <sds@private>
National Security Agency

Previous message: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
In reply to: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Next in thread: Mimi Zohar: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Next in thread: Chris Wright: "Re: [RFC] [PATCH] Replace security fields with hashtable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Oct 29 2004 - 05:17:50 PDT