Re: [RFC] LSM changes for 2.5.38

Greg KH (greg@kroah.com)
Fri, 27 Sep 2002 10:24:28 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aristeu Sergio Rozanski Filho: "[patch] include missing on aironet4500.h"
Previous message: Aristeu Sergio Rozanski Filho: "[patch] stradis fixes"

On Fri, Sep 27, 2002 at 06:01:18PM +0100, Christoph Hellwig wrote:
> On Fri, Sep 27, 2002 at 09:55:56AM -0700, Greg KH wrote:
> > For cases like the module_* hooks, and the other examples you pointed
> > out, I agree.
> >
> > For other cases, capable() is just not fine grained enough to actually
> > know what is going on (like CAP_SYS_ADMIN). In those cases you need an
> > extra hook to determine where in the kernel you are.
>
> Either we make capable fine grained enough (64 or 128bit capability
> vectors, I have some old code for that around and I know SGI used that
> more than a year ago) or we replace the capable in those cases with hooks
> entirely.

I don't have a problem with either of these things, but don't see them
being completed any time soon. Unless you have some time to work on
this?

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Aristeu Sergio Rozanski Filho: "[patch] include missing on aironet4500.h"
Previous message: Aristeu Sergio Rozanski Filho: "[patch] stradis fixes"