Re: [RFC] LSM changes for 2.5.38

• Next message: Christoph Hellwig: "[PATCH] cleanup some i386 mm init code"
• Previous message: Chris Wedgwood: "Re: [patch] 'virtual => physical page mapping cache', vcache-2.5.38-B8"
• In reply to: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 27 Sep 2002 17:55:10 BST, Christoph Hellwig said:

> And WTF is the use a security policy that checks module arguments? Do
> you want to disallow options that are quotes from books on the index
> or not political correct enough for a US state agency?

How about a security policy that says:

1) Thou mayest do an 'modprobe wvlan_cs'

2) Thou mayest not do 'modprobe wvlan_cs eth=0'.

'eth=0' causes it to create the interface as 'wvlan0' 'wvlan1' etc rather
than 'eth0', 'eth1', etc. This makes a difference if you have iptables
rules that say '-i eth+' or '-i wvlan+' that implement different rulesets
for wireless and hard-wired connections.

-- 
				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

• application/pgp-signature attachment: stored

• Next message: Christoph Hellwig: "[PATCH] cleanup some i386 mm init code"
• Previous message: Chris Wedgwood: "Re: [patch] 'virtual => physical page mapping cache', vcache-2.5.38-B8"
• In reply to: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Next in thread: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Reply: Christoph Hellwig: "Re: [RFC] LSM changes for 2.5.38"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Sep 30 2002 - 22:00:32 EST