| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <47FDAC57.9000701@nttdata.co.jp>
Date: Thu, 10 Apr 2008 14:57:43 +0900
From: Toshiharu Harada <haradats@...data.co.jp>
To: Stephen Smalley <sds@...ho.nsa.gov>
CC: Paul Moore <paul.moore@...com>,
Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>,
akpm@...ux-foundation.org, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Kentaro Takeda <takedakn@...data.co.jp>,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
linux-netdev <netdev@...r.kernel.org>
Subject: Re: [TOMOYO #7 30/30] Hooks for SAKURA and TOMOYO.
On 4/9/2008 9:49 PM, Stephen Smalley wrote:
>> We cordially request LSM changes to pass vfsmount parameters.
>
> Don't cordially request it - submit patches to make it happen. Or work
> with others who have been submitting such patches.
You are (always) right. :)
> There are two options:
> 1) Submit patches to pass down the vfsmounts to the vfs helpers so that
> they can be passed to the existing security_inode hooks. -or-
> 2) Submit patches to add new security hooks to the callers where the
> vfsmount is already available (some have suggested moving the existing
> security_inode hooks to the callers, but that would cause problems for
> SELinux as I've posted elsewhere, so adding new hooks is preferable, and
> then SELinux can just default to the dummy functions for those new
> hooks).
Thank you for your suggestions. I drew a diagram. Is this correct?
Regards,
Toshiharu Harada
NTT DATA CORPORATION
Download attachment "options.png" of type "image/png" (40962 bytes)
Powered by blists - more mailing lists