From: Kees Cook <kees@ubuntu.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
John Johansen <john.johansen@canonical.com>
Subject: Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
Date: Fri, 27 Jan 2012 12:05:52 -0800 [thread overview]
Message-ID: <20120127200551.GV4592@outflux.net> (raw)
In-Reply-To: <4F22F2D4.4080605@schaufler-ca.com>
Hi Casey,
On Fri, Jan 27, 2012 at 10:54:12AM -0800, Casey Schaufler wrote:
> On 1/26/2012 4:29 PM, Kees Cook wrote:
> >This is the ground-work for expanding the AppArmor securityfs to include
> >useful information that the userspace tools can more easily interact with.
> >Presently, this is only static information about the state of AppArmor.
>
> If you're making changes for securityfs do you suppose that
> you might do all of us LSM developers a huge favor and add an
> entry that reports the active LSM? It's something that has been
> on my todo list for ages and would make everyone's life so much
> easier. /sys/kernel/security/LSM which contains the name of the
> active LSM would be very handy.
Should that appear in the securityfs? Normally one can just mount it
and look to see what's in there. And, I'm nervous to add a file here
without a good LSM stacking plan yet. I'd hate to create another interface
that needs to be redefined later. :)
-Kees
--
Kees Cook
next prev parent reply other threads:[~2012-01-27 20:06 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 2/4] AppArmor: add initial "features" directory to securityfs Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 3/4] AppArmor: add "file" details " Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs Kees Cook
2012-01-27 19:35 ` John Johansen
2012-01-27 18:54 ` [PATCH 0/4] AppArmor: refactor securityfs to use structures Casey Schaufler
2012-01-27 20:05 ` Kees Cook [this message]
2012-01-27 19:38 ` John Johansen
2012-01-30 1:09 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120127200551.GV4592@outflux.net \
--to=kees@ubuntu.com \
--cc=casey@schaufler-ca.com \
--cc=john.johansen@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.