Re: Linux Security *Module* Framework (Was: LSM conversion to static interface)

On Oct 30 2007 12:14, Casey Schaufler wrote:

quoted text

> >while others including SELinux will go their own ways. So long >as LSMs are self contained and strictly restrictive the >mechanisms they use to modulate their behavior shouldn't be an >issue. If SELinux chooses to turn its MLS controls off between >midnight and 3am I can't see how that would be Smack's business, >even if they were somehow stacked. Multiple LSMs has issues, >like what should security_secid_to_secctx() return to the audit >system, but privilege model shouldn't be one of them.

I am with you on that. And for everybody who missed it: MultiAdmin only grants rights at the same time commoncap does (e.g. on setuid and bprm_set_security). And all modules DO work with commoncap, now don't they? -

unsubscribe notice

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/


linux-kernel:
Linus Torvalds	Linux 2.6.27-rc8
Rafael J. Wysocki	2.6.27-rc4-git1: Reported regressions from 2.6.26
David Miller	[GIT]: Networking
Greg KH	[GIT PATCH] driver core patches against 2.6.24
git:
Miklos Vajna	[rfc] git submodules howto
Catalin Marinas	Re: [StGIT PATCH] Don't use patches/<branch>/current
Lars Hjemli	[ANNOUNCE] cgit 0.8
Junio C Hamano	Re: [RFC] introduce GIT_WORK_DIR environment variable
openbsd-misc:
rezidue	Speed Problems
Chris	Prolific USB-Serial Controller
Richard Daemon	Nfsen and php problems...?
Richard Stallman	Real men don't attack straw men
linux-netdev:
Jarek Poplawski	[PATCH take 2] pkt_sched: Protect gen estimators under est_lock.
Steve Glendinning	[PATCH] SMSC LAN911x and LAN921x vendor driver
Arjan van de Ven	Re: [GIT]: Networking
Denys	r8169 crash


the kernel how to power off the machine	7 hours ago	Linux kernel
struct gendisk via request_queue	9 hours ago	Linux kernel
usb mic not detected	12 hours ago	Applications and Utilities
page initialization during kernel initialization	1 day ago	Linux kernel
Read Transport Layer Data form network packets (tcp/ip)	2 days ago	Linux kernel
Getting blinking screen in Fedora 9	2 days ago	Linux general
Problem with kernel + libata	2 days ago	Linux kernel
How to detect usb device insertioin and removal event ?	3 days ago	Linux general
toshiba m30x-129 herbinaiton problem	3 days ago	Hardware
some questions regarding implement new congestion algorithm in kernel	3 days ago	Linux kernel

Re: Linux Security Module Framework (Was: LSM conversion to static interface)

Online users