| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 5 Aug 2006 23:25:49 -0500 From: "Serge E. Hallyn" <serue@...ibm.com> To: Alexey Dobriyan <adobriyan@...il.com> Cc: Andrew Morton <akpm@...l.org>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org Subject: Re: [PATCH -mm] fs.h: ifdef security fields Quoting Alexey Dobriyan (adobriyan@...il.com): > [BSD security levels are deleted in -mm, assuming this below] > > The only user of i_security, f_security, s_security fields is SELinux, > so ifdef them with CONFIG_SECURITY_SELINUX. Following Stephen Smalley's The SLIM security module, which is trying to get upstream, uses at least i_security and f_security. The Argus module supposedly being submitted "soon" which is used in their LSPP product, surely must use them all. Maybe you still want to make these CONFIG_SECURITY_SELINUX until the other modules are upstreamed, but I just wanted to make sure you knew other modules, trying to get upstream, are using them. Personally I'd say these are a core part of the LSM framework, and if you don't want LSM, compile it out. But since I realize that using only capabilities must be a pretty common case, how about just adding a config option CONFIG_SECURITY_OBJFIELDS, which is auto-enabled with SELINUX and default off, which hides these fields instead? Patch should be trivial, and I can aim to send one tomorrow. -serge - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists