On Thu, Jul 12, 2001 at 07:37:36PM +0100, Anton Altaparmakov wrote:
>
> This seems very good in view of implementing ACL support for NTFS, too. -
> We have all the NTFS layout knowledge to do it now. We just lack the
> kernel/user space infrastructure.
>
> When designing this modular security infrastructure it would be useful if
> it is made generic enough to allow callbacks into user space for permission
> checking.
The current model lets you do whatever you want in your kernel module.
It imposes no policy, that's up to you.
All the better to keep userspace callbacks for security out of my
kernels, for that way is ripe for problems (for specific examples why,
see the linux-security-module mailing list archives.)
thanks,
greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jul 15 2001 - 21:00:17 EST