lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Sep 2008 07:20:01 +1000 (EST) From: James Morris <jmorris@...ei.org> To: Alexey Dobriyan <adobriyan@...il.com> cc: Stephen Smalley <sds@...ho.nsa.gov>, david@...g.hm, Kentaro Takeda <takedakn@...data.co.jp>, linux-security-module@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, Toshiharu Harada <haradats@...data.co.jp> Subject: Re: [PATCH] Introduce new LSM hooks where vfsmount is available. On Tue, 23 Sep 2008, Alexey Dobriyan wrote: > > > > I don't see any technical errors in this patch. > > > > > > > > If it is going to be merged, please make a new config option for > > > > path-based hooks (similar to that for the network hooks), so they can be > > > > compiled out. > > Another pointless config option. Why is it pointless? If distros don't want to use these hooks, they shouldn't have to have them enabled. > > It's actually pretty surprising that SECURITY_NETWORK is > a) user-visible and b) is not SECURITY && NET. > > Same for SECURITY_NETWORK_XFRM. IIRC, this option was a perquisite for merge. Networking hooks have a relatively high overhead and not everyone wants to use them, even if they have networking enabled. - James -- James Morris <jmorris@...ei.org> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists