Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1030248AbVJEQtd (ORCPT ); Wed, 5 Oct 2005 12:49:33 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1030245AbVJEQtd (ORCPT ); Wed, 5 Oct 2005 12:49:33 -0400 Received: from mx1.redhat.com ([66.187.233.31]:30602 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S1030248AbVJEQtc (ORCPT ); Wed, 5 Oct 2005 12:49:32 -0400 From: David Howells In-Reply-To: References: <29942.1128529714@warthog.cambridge.redhat.com> To: James Morris Cc: David Howells , Linus Torvalds , Andrew Morton , keyrings@linux-nfs.org, linux-kernel@vger.kernel.org, Stephen Smalley Subject: Re: [Keyrings] [PATCH] Keys: Add LSM hooks for key management X-Mailer: MH-E 7.84; nmh 1.1; GNU Emacs 22.0.50.1 Date: Wed, 05 Oct 2005 17:48:09 +0100 Message-ID: <30441.1128530889@warthog.cambridge.redhat.com> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 690 Lines: 22 James Morris wrote: > > Key management access control through LSM is enabled by > > CONFIG_SECURITY_KEYS. > > Any reason why this is configurable? Well, I saw that the network stuff was. I can make it non-configurable. > Why wouldn't someone want this? Speed/latency? But I suppose that's not really a factor. What about the security ops for keys that I've made available? Does doing it that way seem reasonable? David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/