From: John Richard Moser <nigelenki@comcast.net>
To: Valdis.Kletnieks@vt.edu
Cc: Al Viro <viro@parcelfarce.linux.theplanet.co.uk>,
"Randy.Dunlap" <rddunlap@osdl.org>,
linux-kernel@vger.kernel.org
Subject: Re: /proc parent &proc_root == NULL?
Date: Thu, 27 Jan 2005 02:43:27 -0500 [thread overview]
Message-ID: <41F89B9F.8010605@comcast.net> (raw)
In-Reply-To: <200501270710.j0R7AhIN003672@turing-police.cc.vt.edu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Valdis.Kletnieks@vt.edu wrote:
> On Thu, 27 Jan 2005 01:51:05 EST, John Richard Moser said:
>
>
>>mmm. I'd thought about that actually-- for modules to get a whack at
>>this they'd have to be compiled in. Loaded as modules would break the
>>security.
>
>
> And that, my friends, is *exactly* why SELinux can't be built as a module ;)
:) So far my little grkernsec module hasn't hit any bumps like that;
though so far I haven't copied much of spender's code. I'm sure the
chroot() restrictions will easily be make for a loadable module.
At this point, I should be making more important design decisions. For
example, why am I still doing this? Isn't there something better for me
to do than clone LSM and GrSecurity, attempt (*cough*) to improve on the
original designs, and then harass kernel devs about problems I'm having
with things that are just meant to be toys for me anyway?
- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB+JuehDd4aOud5P8RAg+WAJ451ls4FIMG0wm/r3pa/dPpcasRugCeP5j9
be2STVV+vC2B1ScYYQNmMY0=
=IjCv
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2005-01-27 7:43 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-01-26 23:04 /proc parent &proc_root == NULL? John Richard Moser
2005-01-27 1:25 ` Randy.Dunlap
2005-01-27 2:33 ` John Richard Moser
2005-01-27 3:15 ` Al Viro
2005-01-27 3:35 ` John Richard Moser
2005-01-27 6:40 ` Valdis.Kletnieks
2005-01-27 6:51 ` John Richard Moser
2005-01-27 7:10 ` Valdis.Kletnieks
2005-01-27 7:43 ` John Richard Moser [this message]
2005-01-27 6:53 ` Valdis.Kletnieks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=41F89B9F.8010605@comcast.net \
--to=nigelenki@comcast.net \
--cc=Valdis.Kletnieks@vt.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=rddunlap@osdl.org \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.