Re: [PATCH] accessfs v0.6 ported to 2.5.35-lsm1 - 1/2

Greg KH (greg@kroah.com)
Fri, 27 Sep 2002 14:46:42 -0700


On Fri, Sep 27, 2002 at 08:55:52PM +0200, Olaf Dietsche wrote:
>
> +static int cap_ip_prot_sock (int port)
> +{
> + if (port && port < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
> + return -EACCES;
> +
> + return 0;
> +}
> +

Do we really want to force all of the security modules to implement this
logic (yes, it's the same discussion again...)

As for the ip_prot_sock hook in general, does it look ok to the other
developers?

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/