Re: [PATCH v14 3/6] LSM: Explicit individual LSM associations
From: Paul Moore
Date: Thu Aug 01 2013 - 17:30:41 EST
On Thursday, August 01, 2013 11:52:14 AM Casey Schaufler wrote:
> On 8/1/2013 11:35 AM, Paul Moore wrote:
> > Okay, so if I understand everything correctly, there are no new entries in
> > /proc relating specifically to NetLabel, XFRM, or Secmark; although there
> > are new LSM specific entries for the general /proc entries that exist
> > now. Yes?
>
> That's correct.
>
> There is /sys/kernel/security/present, which tells you which LSM is going to
> show up in /proc/.../attr/current.
>
> Should we have /sys/kernel/security/XFRM, /sys/kernel/security/secmark,
> /sys/kernel/security/NetLabel and /sys/kernel/security/SO_PEERCRED?
Maybe.
While they might be helpful, I'm not 100% certain they are needed and further
I'm not sure they are the "right" solution at this point. Any thoughts, both
for and against, are welcome.
--
paul moore
www.paul-moore.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/