Re: Out of tree module using LSM

[Crispin Cowan]

Tvrtko A. Ursulin wrote:
> During one recent LKML discussion
> (http://marc.info/?l=linux-kernel&m=119267398722085&w=2) about
> LSM going
> static  you called for LSM users to speak up.
Great big clue: If "LSM" is in the subject line, then cc: the LSM list
linux-security-module@xxxxxxxxxxxxxxx

For LSM readers seeing this for the first time, the thread starts here
and goes for a while http://lkml.org/lkml/2007/11/28/106

I'm sympathetic to the desire to be able to provide a 3rd party LSM that
end users can install on their systems. That is why I advocated for
keeping the dynamic LSM interface. Getting the dynamic interface
restored faces a lot of challenges, but I hope that some kind of
solution can be found, because the alternative is to effectively force
vendors like Sophos to do it the "dirty" way by fishing in memory for
the syscall table. I would much rather that Linux offers you a way to do
what you need to do than force you to do nasty things.

Crispin

-- 
Crispin Cowan, Ph.D.               http://crispincowan.com/~crispin
CEO, Mercenary Linux		   http://mercenarylinux.com/
	       Itanium. Vista. GPLv3. Complexity at work

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/