Re: [RFC][PATCH} 2.6 and grsecurity

From: Chris Wright
Date: Mon Feb 16 2004 - 21:17:33 EST

Next message: Huw Rogers: "2.6.3-rc3-mm1 - COMPILE FAILURE"
Previous message: Paul E. McKenney: "Non-GPL export of invalidate_mmap_range"
In reply to: Valdis . Kletnieks: "[RFC][PATCH} 2.6 and grsecurity"
Next in thread: Valdis . Kletnieks: "Re: [RFC][PATCH} 2.6 and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Valdis.Kletnieks@xxxxxx (Valdis.Kletnieks@xxxxxx) wrote:
> Here's the patch, versioned against 2.6.3-rc3-mm1. Comments?

Aside of the dubious security value...the typical no #ifdefs apply here.

> +#ifdef CONFIG_SECURITY_RANDID
> + if (security_enable_randid)
> + id = ip_randomid();
> + else
> +#endif

e.g. move the ifdef to header and move the if(enable) bit to ip_randomid().
ditto for all similar cases below. it's not clear to me these are
particularly useful features though.

> + * 3. All advertising materials mentioning features or use of this software
> + * must display the following acknowledgement:
> + * This product includes software developed by Niels Provos.

Advertsing clause...this is not GPL compatible.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Huw Rogers: "2.6.3-rc3-mm1 - COMPILE FAILURE"
Previous message: Paul E. McKenney: "Non-GPL export of invalidate_mmap_range"
In reply to: Valdis . Kletnieks: "[RFC][PATCH} 2.6 and grsecurity"
Next in thread: Valdis . Kletnieks: "Re: [RFC][PATCH} 2.6 and grsecurity"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]