Hi On Monday 14 March 2005 03:59, Seth Arnold wrote: > On Fri, Mar 11, 2005 at 05:17:23AM -0800, Park Lee wrote: > > But, as we know, sys_security was rejected by the > > Linux mainline kernel. then, Is there any other > > security system call that is provided for > > security-aware applications in LSM? or, Does LSM > > still use the general security system call? We maintained a system call (our own) for the Umbrella Project for a long time. It is certainly not recommended. The patch needs reworking for almost every new release of the vanilla Linux kernel. > > The general security system call is not available in kernels deployed > by users. > > In lieu of this system call, you (as an LSM implementer) have several > options for userland<->kernel communication: > > o /proc/*/attr/* > o making your own /proc/ files (not recommended) Why not? It is simple, effective and transparent :-) You mention that sysfs is the way to go. What is the real difference between sysfs and procfs? Cheers, Kristian. -- Kristian Sørensen - The Umbrella Project -- Security for Consumer Electronics http://umbrella.sourceforge.net E-mail: ipqw@private, Phone: +45 29723816
This archive was generated by hypermail 2.1.3 : Mon Mar 14 2005 - 00:11:08 PST