Re: [PATCH 2/5] Rework stubs in security.h

From: Chris Wright (chrisw@private)
Date: Fri Aug 26 2005 - 11:08:23 PDT

* Stephen Smalley (sds@private) wrote:
> That one isn't so much an issue as the xattr ones and vm_enough_memory
> case.  But more generally, if you think about moving toward a place
> where one can grant privileges to processes based solely on their
> role/domain, you'll need the same ability for capable and other hooks
> too.  Naturally, that can't be done safely without a lot more work on
> userspace and policy, but it is a long term goal.

Right, you've mentioned that before, thanks for bringing that up.

This archive was generated by hypermail 2.1.3 : Fri Aug 26 2005 - 11:08:51 PDT