From: greg@kroah.com (Greg KH)
To: kernelnewbies@lists.kernelnewbies.org
Subject: Is there mailist about LSM
Date: Wed, 30 May 2018 20:12:53 +0200 [thread overview]
Message-ID: <20180530181253.GA18004@kroah.com> (raw)
In-Reply-To: <1527701845.1082359.1390760976.092478F1@webmail.messagingengine.com>
On Wed, May 30, 2018 at 10:37:25AM -0700, Alexander Ivanov wrote:
> On Wed, 30 May 2018 13:25 -0400, valdis.kletnieks at vt.edu wrote:
> > What question do you have about it?
>
> There are a couple, actually :)
> First, theoretical, I suppose: what were the reasons to effectively
> disable dynamic loading of LSM ?
This was discussed loads when LSM was first created. I'll leave this as
an exercise for the reader, how would you properly unload a LSM? Think
about what a LSM does to lots and lots of different objects in the
kernel...
> Second, is there a way for two or more LSMs to co-exist? After
> inspecting security_module_enable() and register_security(), it
> doesn't seem possible, however yama does attempt to load itself? Am I
> missing something?
Again, this is discussed all the time. Search for "stackable LSM" and
you should find lots of threads about the problems involved, how people
are considering solving them, and what workarounds are currently in
place to allow some LSM to do this today.
I think google is your friend here, read the mailing list archives, it
has all of this information there already.
good luck!
greg k-h
next prev parent reply other threads:[~2018-05-30 18:12 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-30 17:16 Is there mailist about LSM Alexander Ivanov
2018-05-30 17:25 ` valdis.kletnieks at vt.edu
2018-05-30 17:35 ` Greg KH
2018-05-30 17:59 ` Ozgur Kara
2018-05-30 18:02 ` valdis.kletnieks at vt.edu
2018-05-30 18:09 ` Ozgur Kara
2018-05-30 18:23 ` valdis.kletnieks at vt.edu
2018-05-30 17:37 ` Alexander Ivanov
2018-05-30 18:05 ` valdis.kletnieks at vt.edu
2018-05-30 18:13 ` Alexander Ivanov
2018-05-30 18:26 ` valdis.kletnieks at vt.edu
2018-05-30 22:10 ` Alexander Ivanov
2018-05-31 5:22 ` Ozgur Kara
2018-05-31 6:00 ` Alexander Ivanov
2018-05-31 21:11 ` Thibaut Sautereau
2018-05-31 22:33 ` Alexander Ivanov
2018-05-30 18:13 ` Ozgur Kara
2018-05-30 18:35 ` Greg KH
2018-05-30 18:12 ` Greg KH [this message]
2018-05-30 18:18 ` Alexander Ivanov
2018-05-30 17:54 ` Ozgur Kara
2018-05-30 18:01 ` Alexander Ivanov
2018-05-30 18:05 ` Ozgur Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180530181253.GA18004@kroah.com \
--to=greg@kroah.com \
--cc=kernelnewbies@lists.kernelnewbies.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).