Stephen Smalley wrote:
> On Mon, 2003-06-02 at 06:44, Andrew Morton wrote:
>
>>Chris Wright <[email protected]> wrote:
>>
>>>security_capable() returns 0 if that capability bit is set.
>>>
>>That's just bizarre. Is there any logic behind it?
>>
>
> The LSM access control hooks all return 0 on success (i.e. permission
> granted) and negative error code on failure, like most of the rest of
> the kernel interfaces (e.g. consider permission())
Maybe it should be called "security_incapable() and then the return code can be
treated as a boolean true/false....
Chris
--
Chris Friesen | MailStop: 043/33/F10
Nortel Networks | work: (613) 765-0557
3500 Carling Avenue | fax: (613) 765-2986
Nepean, ON K2H 8E9 Canada | email: [email protected]