Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Fri, 18 Oct 2002 04:26:00 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Fri, 18 Oct 2002 04:26:00 -0400 Received: from mithra.wirex.com ([65.102.14.2]:3338 "EHLO mail.wirex.com") by vger.kernel.org with ESMTP id ; Fri, 18 Oct 2002 04:25:58 -0400 Message-ID: <3DAFC6E7.9000302@wirex.com> Date: Fri, 18 Oct 2002 01:31:35 -0700 From: Crispin Cowan Organization: WireX Communications, Inc. User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020827 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "David S. Miller" Cc: hch@infradead.org, greg@kroah.com, torvalds@transmeta.com, linux-kernel@vger.kernel.org, linux-security-module@wirex.com Subject: Re: [PATCH] remove sys_security References: <20021017201030.GA384@kroah.com> <20021017211223.A8095@infradead.org> <3DAFB260.5000206@wirex.com> <20021018.000738.05626464.davem@redhat.com> X-Enigmail-Version: 0.65.2.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="------------enigE5DA74FC7419581687B3DC38" Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2086 Lines: 57 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigE5DA74FC7419581687B3DC38 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit David S. Miller wrote: >Anything which passes a completely opaque value through a system >call is a sign of trouble, design wise. > That's interesting. Passing a completely opaque value (actually an integer) through the system call was exactly what we designed it to do, because we saw a design need for pecisely that: so that applications with awareness of a specific module can talk to the module. Could you elaborate on why this is a sign of trouble, design wise? >There is simply no way we can enfore proper portable typing by >all these security module authors such that we can do any kind >of proper 32-bit/64-bit syscall translation on the ports that >need to do this. > THAT I would love to hear about. If all we have to do to save sys_security is change its signature, that'd be great. >If we do things such as the fs stacking or fs filter ideas, >that eliminates a whole swath of the facilities the security_ops >"provide". No ugly syscalls passing opaque types through the kernel >to some magic module, but rather a real facility that is useful >to many things other than LSM. > Yes, that will be wonderful. And the LSM team will be pleased to re-work the desing when stackable file systems appear and we can take advantage of them. Crispin --------------enigE5DA74FC7419581687B3DC38 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE9r8bo5ZkfjX2CNDARAUbhAJ9AF/j5AfE1C0jyvZ3VXF0f/xey8wCgpYp8 oYE696LCdKVsgvBPyMDbRrQ= =ciE8 -----END PGP SIGNATURE----- --------------enigE5DA74FC7419581687B3DC38-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/