| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Sep 2010 13:01:36 -0400 From: Eric Paris <eparis@...hat.com> To: James Morris <jmorris@...ei.org> Cc: linux-kernel@...r.kernel.org, selinux@...ho.nsa.gov, netfilter-devel@...r.kernel.org, sds@...ho.nsa.gov, jengelh@...ozas.de, paul.moore@...com, casey@...aufler-ca.com, linux-security-module@...r.kernel.org, netfilter@...r.kernel.org, mr.dash.four@...glemail.com Subject: Re: [PATCH 3/6] secmark: export binary yes/no rather than kernel internal secid On Mon, 2010-09-27 at 10:50 +1000, James Morris wrote: > On Fri, 24 Sep 2010, Eric Paris wrote: > For the reasons above, I think the secctx string needs to be exported in > addition to this rather than instead of. I won't argue, I don't agree with your reasoning, but I'm not opposed to this result. We have 3 competing suggestions: Jan suggested we: completely eliminate secmark from procfs+netlink and only export secctx in netlink. Eric suggested we: completely eliminate secmark from procfs+netlink and then export secctx in procfs+netlink sounds like James suggested we: continue to export meaningless and confusing secmark from procfs+netlink and then export secctx in procfs+netlink as well. I'm going to implement James' idea and resend the patch series. Any strong objections? -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists