So how does it harm the mainline kernel to have a system call reserved for LSM
and then not allow anything in the mainline kernel that uses it? Then we can
deploy modules using the current LSM design without harming the mainline
kernel.
The only code that we really want to see in the mainline kernel is the hooks
for permission checks. Personally I would not mind if no security module
ever gets included in Linus' source tree.
Disclaimer: This message is my own opinion, even if I was part of "team LSM"
I would not be representing them in this issue.
-- http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/~russell/ My home page- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/