Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 21 Oct 2002 10:03:38 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 21 Oct 2002 10:03:38 -0400 Received: from phoenix.infradead.org ([195.224.96.167]:59659 "EHLO phoenix.infradead.org") by vger.kernel.org with ESMTP id ; Mon, 21 Oct 2002 10:03:38 -0400 Date: Mon, 21 Oct 2002 15:09:20 +0100 From: Christoph Hellwig To: Mike Wray Cc: Stephen Smalley , Christoph Hellwig , linux-kernel@vger.kernel.org, linux-security-module@wirex.com Subject: Re: [PATCH] remove sys_security Message-ID: <20021021150920.A14396@infradead.org> Mail-Followup-To: Christoph Hellwig , Mike Wray , Stephen Smalley , linux-kernel@vger.kernel.org, linux-security-module@wirex.com References: <003701c27909$7367e350$6345900f@hpl.hp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <003701c27909$7367e350$6345900f@hpl.hp.com>; from mike_wray@hp.com on Mon, Oct 21, 2002 at 02:54:33PM +0100 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 918 Lines: 22 On Mon, Oct 21, 2002 at 02:54:33PM +0100, Mike Wray wrote: > I'm not sure the case for removal has been made. Some potential problems > with the LSM security syscall have been pointed out. Isn't it better to > consider > fixes instead of ditching the syscall? The conceptual wrong design was pointed out, yes. It's not fixable without rplacing it with a proper design of the security module entry points. > Won't the absence of the syscall just result > in even worse code being used? Presumably SELinux will have to implement > the syscall functionality some other way. Unlike this hook there is a chance we can review their new creations when they ask for inclusion. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/