Re: [PATCH 2/5] Rework stubs in security.h

From: Tony Jones (tonyj@private)
Date: Fri Aug 26 2005 - 11:03:39 PDT


On Fri, Aug 26, 2005 at 10:59:52AM -0700, Chris Wright wrote:
> * Tony Jones (tonyj@private) wrote:
> > The discussion about composing with commoncap made me think about whether
> > this is the best way to do this.   It seems that we're heading towards a
> > requirement that every module internally compose with commoncap.  
> 
> Not a requirement, it's a choice ATM.

Can you think of a case where the choice (on the part of the module author)
to not do so makes any sense?

> Heh, this was next on my list.  I just wanted to separate the changes to
> one at a time so we can easily measure the impact.  This becomes another
> policy shift.

I understand the advantages of clearly measuring the impact of each change
independantly but with SELinux having to change how they use their secondaries 
at the same time, I'm not sure there is a lot of difference between the 
two phases.

> > If every module is already internally composing, there shouldn't be a 
> > performance cost for the additional branch inside the #ifdef.
> 
> This needs measurement to verify.

Agreed.  So does the current proposal :-)

Tony



This archive was generated by hypermail 2.1.3 : Fri Aug 26 2005 - 11:08:09 PDT