Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified Mandatory Access Control Kernel

[Casey Schaufler]

--- Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:

> On Sun, Sep 30, 2007 at 01:16:18AM -0700, Andrew Morton wrote:
> > reviewed the August thread from your version 1 submission and the message I
> > take away is that the code has been well-received and looks good when
> > considered on its own merits, but selinux could probably be configured to
> > do something sufficiently similar.
> > 
> > I'd have trouble declaring that "but" to be a reason to not merge smack.
> > I'm more thinking "let's merge it and see if people use it".
> 
> I'm not sure this was discussed on the list, but as long as Casey doesn't
> get rid of the magic symlinks (smackfs_follow_link), there's a clear NACK
> from the VFS perspective.

OK, this is news to me. What's the objection?

> Otherwise the code looks pretty well written, alhough a run through
> checkpath.pl to fix the lose end might help.  Oh, and please to compile-time
> initializations for the spinlocks and mutex currently initializes in
> smack_init.  Also the -Inet/netlabel looks rather odd, please work with
> the netlabel maintainer to move the required files to the include/
> hierachy.

Paul and I discussed this earlier, and will again.

Thank you.


Casey Schaufler
casey@xxxxxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/