Re: [patch 2.1.97] more capabilities support
Alexander Kjeldaas (astor@guardian.no)
Wed, 22 Apr 1998 22:27:10 +0200
On Wed, Apr 22, 1998 at 12:56:35PM -0400, Albert D. Cahalan wrote:
>
> Summary:
>
> At every point where security ought to be checked, he collects data
> needed for the check and passes it to a general security function.
> Most of the kernel gets a black-box view of security. The kernel
> maintains a database in /rsbac (on every mount point?) instead of
> modifying the ext2 filesystem. (that could be changed) There are a
> half-dozen security models implemented on his general framework.
>
What's really nice is that this is pretty much the same technique
needed to implement auditing in the kernel. I would just like to see
some nicer macros to avoid some of the clutter.
astor
--
Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway
http://www.guardian.no/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu