Re: [patch 2.1.97] more capabilities support

Alexander Kjeldaas (astor@guardian.no)
Wed, 22 Apr 1998 22:27:10 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Oliver Neukum: "Re: 2.1.97 mm and cache - basic stupid idea included!"
Previous message: H. Peter Anvin: "Re: [OFFTOPIC] Re: unicode (char as abstract data type)"
In reply to: Richard Henderson: "Re: daemon-less kmod & Alpha no-go!"

On Wed, Apr 22, 1998 at 12:56:35PM -0400, Albert D. Cahalan wrote:
>
> Summary:
>
> At every point where security ought to be checked, he collects data
> needed for the check and passes it to a general security function.
> Most of the kernel gets a black-box view of security. The kernel
> maintains a database in /rsbac (on every mount point?) instead of
> modifying the ext2 filesystem. (that could be changed) There are a
> half-dozen security models implemented on his general framework.
>

What's really nice is that this is pretty much the same technique
needed to implement auditing in the kernel. I would just like to see
some nicer macros to avoid some of the clutter.

astor

-- Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway http://www.guardian.no/

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu

Next message: Oliver Neukum: "Re: 2.1.97 mm and cache - basic stupid idea included!"
Previous message: H. Peter Anvin: "Re: [OFFTOPIC] Re: unicode (char as abstract data type)"
In reply to: Richard Henderson: "Re: daemon-less kmod & Alpha no-go!"