Re: [PATCH][LSM] Early init for security modules and various cleanups

From: Chris Friesen (
Date: Mon Jun 02 2003 - 09:40:08 EST

Stephen Smalley wrote:
> On Mon, 2003-06-02 at 06:44, Andrew Morton wrote:
>>Chris Wright <> wrote:
>>>security_capable() returns 0 if that capability bit is set.
>>That's just bizarre. Is there any logic behind it?
> The LSM access control hooks all return 0 on success (i.e. permission
> granted) and negative error code on failure, like most of the rest of
> the kernel interfaces (e.g. consider permission())

Maybe it should be called "security_incapable() and then the return code can be
treated as a boolean true/false....


Chris Friesen                    | MailStop: 043/33/F10
Nortel Networks                  | work: (613) 765-0557
3500 Carling Avenue              | fax:  (613) 765-2986
Nepean, ON K2H 8E9 Canada        | email:

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to More majordomo info at Please read the FAQ at

This archive was generated by hypermail 2b29 : Sat Jun 07 2003 - 22:00:16 EST