Re: [TOMOYO #16 00/25] Starting TOMOYO 2.3

From: Tetsuo Handa
Date: Wed Oct 07 2009 - 00:10:57 EST


Hello.

Pavel Machek wrote:
>> Since this patchset is not yet accepted, I haven't written documentation for
>> TOMOYO 2.3. You can see http://tomoyo.sourceforge.jp/1.7/policy-reference.html
>> instead.
>
>New, undocumented user/kernel api is no-no.

I'll update the API description by the final submission.

The main purpose of this submission is to

(1) know whether 01, 02, 03, 05 and 06 are acceptable or not.
    If 05 is not acceptable, the rest of the patchset needs to be rewritten.
    Please review 01, 02, 03, 05 and 06 before reviewing the rest.

(2) know which features are acceptable.
    This submission includes a proposal of new features.

    Use of customized d_path().
    Network filtering including incoming TCP connections.
    Audit logs.
    Conditional permissions.
    Interactive enforcing mode.
    Sleep penalty.
    Execute handler.
    Environment variable name checking.
    Non-POSIX capability checking.

Unacceptable features will be dropped from the next submission.

>> Conventionally, patches should be submitted in the form of diff file.
>> But this time, I submit in the form of entire file due to amount of changes.
>
> That's also no-no.

I have a question.
Is a diff file based on existing files preferable for reviewers to
review over totally rewritten files, even if the "total lines of diff files" is
close to the "total lines of rewritten files"?

Amount of rewritten files:
# cat security/tomoyo/* | wc -l
17250

Amount of diff based on existing files:
# diff -Nur security/tomoyo.2.2/ security/tomoyo/ | wc -l
16945
# diff -Nur security/tomoyo.2.2/ security/tomoyo/ | diffstat -f0
24 files changed, 13495 insertions(+), 2216 deletions(-)

I posted rewritten files because I thought reading 17250 insertions is less
difficult than reading 16945 lines of a diff file with a complicated mixture of
13495 insertions and 2216 deletions.

Regards.