[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-security-module
Subject: Re: [PATCH] Add in_execve flag into task_struct.
From: James Morris <jmorris () namei ! org>
Date: 2009-02-12 4:08:50
Message-ID: alpine.LRH.1.10.0902121504130.18145 () tundra ! namei ! org
[Download RAW message or body]
On Thu, 5 Feb 2009, David Howells wrote:
> Serge E. Hallyn <serue@us.ibm.com> wrote:
>
> > It's ugly, you can't get me to say it isn't ugly :), and it sets a scary
> > bad precedent. But if David insists (in a reply to this msg) that this
> > flag really is tops, then just ignore me. Anyway my point wasn't to
> > block the patch but to raise discussion (so someone else could decide to
> > block it :) on both the flag and security implications of these
> > semantics.
>
> I think it's probably the best way to support Tomoyo's security model without
> reworking a chunk of execve().
Agreed. It's somewhat less than perfect, but I don't see a better
alternative.
- James
--
James Morris
<jmorris@namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic