Re: kernel stack challenge

From: Chris Wright
Date: Mon Apr 05 2004 - 18:01:36 EST

Next message: Pavel Machek: "Telling user machine is going to crash at KERN_WARNING level is good joke"
Previous message: Andrzej Krzysztofowicz: "PTS alocation problem with 2.6.4/2.6.5"
In reply to: Horst von Brand: "Re: kernel stack challenge"
Next in thread: Sergiy Lozovsky: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Sergiy Lozovsky (serge_lozovsky@xxxxxxxxx) wrote:
> No :-) What you suggest is kernel should receive
> system call from user space. Instead of handling it -
> kernel should forward it back to userspace, than it
> should be forwarded back to the kernel. Looks not very
> nice to me. Why not to handle security policy inside
> the kernel as it is done for the file permissions and
> root priveleges?

All this can be done w/out having a LISP interpretter coming along for the
ride, that's the point of the other posters. With LSM you have a
framework for implementing your own security model and enforcing your own
policies.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "Telling user machine is going to crash at KERN_WARNING level is good joke"
Previous message: Andrzej Krzysztofowicz: "PTS alocation problem with 2.6.4/2.6.5"
In reply to: Horst von Brand: "Re: kernel stack challenge"
Next in thread: Sergiy Lozovsky: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]