On Tue, 2005-02-01 at 10:38, Serge Hallyn wrote: > Really, I guess even with the case of bsdjail, you could insert the > module anytime, since it only creates jails on new processes. On the > other hand, whereas it currently only creates a jail when a process does > an exec under certain conditions, it now would have to create an empty > jail for each newly created process. I also see a problem with module > unloading, since an LSM can't just run through and delete all it's data. > Just using kref structs doesn't even help since the free hook would have > to remain loaded. The structure allocated upon the alloc_security could be just a trivial container structure with a pointer to the real structure to be filled in later upon the exec, so that you don't have to manipulate the chain of security objects at that time. Module removal has plenty of other safety issues already, doesn't it? -- Stephen Smalley <sds@private> National Security Agency
This archive was generated by hypermail 2.1.3 : Tue Feb 01 2005 - 06:40:14 PST