[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20071128195042.047049fc@the-village.bc.nu>
Date: Wed, 28 Nov 2007 19:50:42 +0000
From: Alan Cox <alan@...rguk.ukuu.org.uk>
To: tvrtko.ursulin@...hos.com
Cc: Stephen Hemminger <shemminger@...ux-foundation.org>,
linux-kernel@...r.kernel.org
Subject: Re: Out of tree module using LSM
> So as there is no question the current code does some ugly things it is
> even more true that we would be even more happy to use an official API.
> LSM was that and we were happily using it which we won't be able to do if
> it abruptly goes away. Yes it is not a perfect match but until it is
> modified to be better, or until something appropriate is designed and
> implemented, it would be very nice if it could stay.
So for an SELinux based system what you are saying is you want to be able
to stack your module with the SELinux module and after SELinux has
considered policy rules still be able to veto them on the grounds that
you are say about to serve a virus to a windows box ?
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists