Re: LSM patch for Linux-2.4.20-8

From: Chris Wright (chrisw@private)
Date: Fri Jan 21 2005 - 11:15:05 PST


* Syed Ahemed (kingkhan@private) wrote:
> Question 1 :
> --------------------
> Everytime a user application tries to create the socket the
> net/socket.c : sock_create is invoked and this function intern calls
> the security_ops->socket_create function for LSM check ,  Now where
> and how  does the selinux_socket_create come into picture .I mean how
> does it get invoked ?

See register_security() and its users.  LSM provides module programmable
callbacks.  It calls into the module at all the hook points.  The module
registers with LSM framework to program its callbacks.

> 
> Question 2 :
> ------------------
> security_ops->socket_create( ) is the hook employed by the LSM framework
> selinux_socket_create ( ) is the implementation of the security module
> function
> Am i right ?

Yes.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net



This archive was generated by hypermail 2.1.3 : Fri Jan 21 2005 - 11:15:35 PST