Re: Security hooks, "standard linux security" & embedded use

Greg KH (greg@kroah.com)
Thu, 12 Jul 2001 11:47:29 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kenneth Vestergaard Schmidt: "Re: Again: Linux 2.4.x and AMD Athlon"
Previous message: Pavel Machek: "Re: RFC: modules and 2.5"
In reply to: Anton Altaparmakov: "Re: Security hooks, "standard linux security" & embedded use"

On Thu, Jul 12, 2001 at 07:37:36PM +0100, Anton Altaparmakov wrote:
>
> This seems very good in view of implementing ACL support for NTFS, too. -
> We have all the NTFS layout knowledge to do it now. We just lack the
> kernel/user space infrastructure.
>
> When designing this modular security infrastructure it would be useful if
> it is made generic enough to allow callbacks into user space for permission
> checking.

The current model lets you do whatever you want in your kernel module.
It imposes no policy, that's up to you.

All the better to keep userspace callbacks for security out of my
kernels, for that way is ripe for problems (for specific examples why,
see the linux-security-module mailing list archives.)

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kenneth Vestergaard Schmidt: "Re: Again: Linux 2.4.x and AMD Athlon"
Previous message: Pavel Machek: "Re: RFC: modules and 2.5"
In reply to: Anton Altaparmakov: "Re: Security hooks, "standard linux security" & embedded use"