Re: [BK PATCH] LSM changes for 2.5.59

Stephen D. Smalley (sds@epoch.ncsc.mil)
Wed, 5 Feb 2003 08:45:16 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brian Gerst: "[PATCH] Break up i386_ksyms.c"
Previous message: Stephan von Krawczynski: "Re: 2.4.21-pre4: PDC ide driver problems with shared interrupts"
Maybe in reply to: Greg KH: "[BK PATCH] LSM changes for 2.5.59"
Next in thread: Christoph Hellwig: "Re: [BK PATCH] LSM changes for 2.5.59"
Reply: Christoph Hellwig: "Re: [BK PATCH] LSM changes for 2.5.59"

Christoph Hellwig wrote:
> I still don't see the issue of each LSM module having to duplicate the list
> of sysctls beeing addressed. Coul you please work something out for that
> before sending it for inclusion?

I already responded to this concern in
http://marc.theaimsgroup.com/?l=linux-kernel&m=104316038729345&w=2 and
http://marc.theaimsgroup.com/?l=linux-security-module&m=104316278400987&w=2.
At most, a field might be added to the ctl_table structure so that the kernel
can provide a hint to security modules as to its view of the sensitivity of
a given sysctl variable, but this does not require any change to the sysctl
hook interface.

-- Stephen Smalley, NSA sds@epoch.ncsc.mil

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Brian Gerst: "[PATCH] Break up i386_ksyms.c"
Previous message: Stephan von Krawczynski: "Re: 2.4.21-pre4: PDC ide driver problems with shared interrupts"
Maybe in reply to: Greg KH: "[BK PATCH] LSM changes for 2.5.59"
Next in thread: Christoph Hellwig: "Re: [BK PATCH] LSM changes for 2.5.59"
Reply: Christoph Hellwig: "Re: [BK PATCH] LSM changes for 2.5.59"