From: Kees Cook <kees@ubuntu.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
John Johansen <john.johansen@canonical.com>
Subject: Re: [PATCH 0/4] AppArmor: refactor securityfs to use structures
Date: Fri, 27 Jan 2012 12:05:52 -0800 [thread overview]
Message-ID: <20120127200551.GV4592@outflux.net> (raw)
In-Reply-To: <4F22F2D4.4080605@schaufler-ca.com>
Hi Casey,
On Fri, Jan 27, 2012 at 10:54:12AM -0800, Casey Schaufler wrote:
> On 1/26/2012 4:29 PM, Kees Cook wrote:
> >This is the ground-work for expanding the AppArmor securityfs to include
> >useful information that the userspace tools can more easily interact with.
> >Presently, this is only static information about the state of AppArmor.
>
> If you're making changes for securityfs do you suppose that
> you might do all of us LSM developers a huge favor and add an
> entry that reports the active LSM? It's something that has been
> on my todo list for ages and would make everyone's life so much
> easier. /sys/kernel/security/LSM which contains the name of the
> active LSM would be very handy.
Should that appear in the securityfs? Normally one can just mount it
and look to see what's in there. And, I'm nervous to add a file here
without a good LSM stacking plan yet. I'd hate to create another interface
that needs to be redefined later. :)
-Kees
--
Kees Cook
next prev parent reply other threads:[~2012-01-27 20:06 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-27 0:29 [PATCH 0/4] AppArmor: refactor securityfs to use structures Kees Cook
2012-01-27 0:29 ` [PATCH 1/4] " Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 2/4] AppArmor: add initial "features" directory to securityfs Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 3/4] AppArmor: add "file" details " Kees Cook
2012-01-27 19:34 ` John Johansen
2012-01-27 0:29 ` [PATCH 4/4] AppArmor: export known rlimit names/value mappings in securityfs Kees Cook
2012-01-27 19:35 ` John Johansen
2012-01-27 18:54 ` [PATCH 0/4] AppArmor: refactor securityfs to use structures Casey Schaufler
2012-01-27 20:05 ` Kees Cook [this message]
2012-01-27 19:38 ` John Johansen
2012-01-30 1:09 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120127200551.GV4592@outflux.net \
--to=kees@ubuntu.com \
--cc=casey@schaufler-ca.com \
--cc=john.johansen@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).