[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-security-module
Subject: Re: Question about security system call in LSM ?
From: Kristian =?iso-8859-1?q?S=F8rensen?= <ks () cs ! aau ! dk>
Date: 2005-03-14 8:10:46
Message-ID: 200503140910.46389.ks () cs ! aau ! dk
[Download RAW message or body]
Hi
On Monday 14 March 2005 03:59, Seth Arnold wrote:
> On Fri, Mar 11, 2005 at 05:17:23AM -0800, Park Lee wrote:
> > But, as we know, sys_security was rejected by the
> > Linux mainline kernel. then, Is there any other
> > security system call that is provided for
> > security-aware applications in LSM? or, Does LSM
> > still use the general security system call?
We maintained a system call (our own) for the Umbrella Project for a long
time. It is certainly not recommended. The patch needs reworking for almost
every new release of the vanilla Linux kernel.
>
> The general security system call is not available in kernels deployed
> by users.
>
> In lieu of this system call, you (as an LSM implementer) have several
> options for userland<->kernel communication:
>
> o /proc/*/attr/*
> o making your own /proc/ files (not recommended)
Why not? It is simple, effective and transparent :-)
You mention that sysfs is the way to go. What is the real difference between
sysfs and procfs?
Cheers, Kristian.
--
Kristian Sørensen
- The Umbrella Project -- Security for Consumer Electronics
http://umbrella.sourceforge.net
E-mail: ipqw@users.sf.net, Phone: +45 29723816
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic