Re: [PATCH] remove selinux stacked ops

From: Chris Wright (chrisw@private)
Date: Fri Aug 26 2005 - 09:22:41 PDT

* Stephen Smalley (sds@private) wrote:
> On Fri, 2005-08-26 at 07:58 -0400, Stephen Smalley wrote:
> > Ok, as with my prior comment, this one is also invalidated by the fact
> > that the static inlines fall back to the cap_ functions if the operation
> > is NULL.  So I suppose this would work.
> Given these changes, what purpose does the capability module and the
> CONFIG_SECURITY_CAPABILITIES option serve anymore?  Should capability.c
> be removed entirely?

I left it for two reasons.  Making it built-in will mean you can't
load another security module.  Some distros use the module already, so
it's compatibility.  These aren't the best reasons to keep it long term.

> Also seems to obsolete the cap_stack module in the stacking patch set.

I believe so.


This archive was generated by hypermail 2.1.3 : Fri Aug 26 2005 - 09:23:08 PDT