--- Stephen Smalley <sds@private> wrote: > IMHO, the more important reason was that it opened > up a gateway for > arbitrary interfaces into the kernel without peer > review, much like > ioctl. I believe that Stephen has the nut of it. The goal of LSM is a framework for the addition of supplemental policy enforcement mechanisms, and there's at least one school that holds the opinion that those mechanisms shouldn't require additional system calls. It has also been pointed out that there are already enough mechanisms available for the kinds of things syscalls do that no one really needs a new syscall these days. Casey Schaufler casey@schaufler-ca.com __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
This archive was generated by hypermail 2.1.3 : Mon Apr 18 2005 - 08:15:59 PDT