Re: [PATCH 2/5] Rework stubs in security.h

From: Chris Wright (chrisw@private)
Date: Fri Aug 26 2005 - 11:08:23 PDT

Previous message: Tony Jones: "Re: [PATCH 2/5] Rework stubs in security.h"
In reply to: Stephen Smalley: "Re: [PATCH 2/5] Rework stubs in security.h"
Next in thread: Tony Jones: "Re: [PATCH 2/5] Rework stubs in security.h"
Next in thread: Chris Wright: "[PATCH 5/5] Remove unnecesary capability hooks in rootplug."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

* Stephen Smalley (sds@private) wrote:
> That one isn't so much an issue as the xattr ones and vm_enough_memory
> case.  But more generally, if you think about moving toward a place
> where one can grant privileges to processes based solely on their
> role/domain, you'll need the same ability for capable and other hooks
> too.  Naturally, that can't be done safely without a lot more work on
> userspace and policy, but it is a long term goal.

Right, you've mentioned that before, thanks for bringing that up.

Previous message: Tony Jones: "Re: [PATCH 2/5] Rework stubs in security.h"
In reply to: Stephen Smalley: "Re: [PATCH 2/5] Rework stubs in security.h"
Next in thread: Tony Jones: "Re: [PATCH 2/5] Rework stubs in security.h"
Next in thread: Chris Wright: "[PATCH 5/5] Remove unnecesary capability hooks in rootplug."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 26 2005 - 11:08:51 PDT