Open Source and information security mailing list archives
Message-Id: <200910070409.n9749OQ1092174@www262.sakura.ne.jp>
Date:	Wed, 07 Oct 2009 13:09:24 +0900
From:	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:	pavel@....cz
Cc:	linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [TOMOYO #16 00/25] Starting TOMOYO 2.3

Hello.

Pavel Machek wrote:
>> Since this patchset is not yet accepted, I haven't written documentation for
>> TOMOYO 2.3. You can see http://tomoyo.sourceforge.jp/1.7/policy-reference.html
>> instead.
>
>New, undocumented user/kernel api is no-no.

I'll update the API description by final submission.

Main purpose of this submission is to

(1) know whether 01, 02, 03, 05 and 06 are acceptable or not.
    If 05 is not acceptable, the rest of patchset needs to be rewritten.
    Please review 01, 02, 03, 05 and 06 before reviewing the rest.

(2) know which features are acceptable.
    This submission includes proposal of new features.

      Use of customized d_path().
      Network filtering including incoming TCP connections.
      Audit logs.
      Conditional permissions.
      Interactive enforcing mode.
      Sleep penalty.
      Execute handler.
      Environment variable name checking.
      Non-POSIX capability checking.

    Unacceptable features will be dropped from next submission.

>> Conventionally, patches should be submitted in the form of diff file.
>> But this time, I submit in the form of entire file due to amount of changes.
>
> That's also no-no.

I have a question.
Is the diff file based on existing files more preferable for reviewers to
review than totally rewritten files, even if "total lines of diff files" is
close to "total lines of rewritten files"?

Amount of rewritten files:
# cat security/tomoyo/* | wc -l
17250

Amount of diff based on existing files:
# diff -Nur security/tomoyo.2.2/ security/tomoyo/ | wc -l
16945
# diff -Nur security/tomoyo.2.2/ security/tomoyo/ | diffstat -f0
 24 files changed, 13495 insertions(+), 2216 deletions(-)

I posted rewritten files because I thought reading 17250 insertions is less
difficult than reading 16945 lines of diff file with complicated mixture of
13495 insertions and 2216 deletions.

Regards.