Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup

From: Al Viro
Date: Fri Mar 07 2008 - 12:08:24 EST

Next message: Kok, Auke: "Re: [PATCH] drivers/net/ixgb - convert boolean_t to bool"
Previous message: Randy Dunlap: "Re: [PATCH] [6/13] Core maskable allocator"
In reply to: Greg KH: "Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup"
Next in thread: Serge E. Hallyn: "Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 07, 2008 at 09:01:04AM -0800, Greg KH wrote:

> Again, I object to this as you are driving a new security policy
> infrastructure into the device node logic where it does not belong as we
> already have this functionality in the LSM interface today. Please use
> that one instead and don't clutter up the kernel with "one-off" security
> changes like this one.
>
> Please try the LSM interface and see what happens. If, after you have
> created a patch, you still have objections, please post it for review
> and I will be glad to revisit my opinion at that time.

Not that per-container mappings on that level made any kind of sense in
the first place...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kok, Auke: "Re: [PATCH] drivers/net/ixgb - convert boolean_t to bool"
Previous message: Randy Dunlap: "Re: [PATCH] [6/13] Core maskable allocator"
In reply to: Greg KH: "Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup"
Next in thread: Serge E. Hallyn: "Re: [PATCH 5/9] Make use of permissions, returned by kobj_lookup"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]