Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754758AbXFYUis (ORCPT ); Mon, 25 Jun 2007 16:38:48 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1751779AbXFYUik (ORCPT ); Mon, 25 Jun 2007 16:38:40 -0400 Received: from mx2.suse.de ([195.135.220.15]:34184 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751811AbXFYUij (ORCPT ); Mon, 25 Jun 2007 16:38:39 -0400 From: Andreas Gruenbacher Organization: SuSE Labs, Novell To: James Morris Subject: Re: [PATCH try #2] security: Convert LSM into a static interface Date: Mon, 25 Jun 2007 22:37:58 +0200 User-Agent: KMail/1.9.5 Cc: Chris Wright , linux-security-module@vger.kernel.org, "Serge E. Hallyn" , Andrew Morgan , Andrew Morton , Stephen Smalley , lkml , Arjan van de Ven , Greg KH , Eric Paris References: <20070617135239.GA17689@sergelap> <20070624220903.GB3723@sequoia.sous-sol.org> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200706252237.59226.agruen@suse.de> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 775 Lines: 17 On Monday 25 June 2007 06:33, James Morris wrote: > Convert LSM into a static interface, as the ability to unload a security > module is not required by in-tree users and potentially complicates the > overall security architecture. It's useful for some LSMs to be modular, and LSMs which are y/n options won't have any security architecture issues with unloading at all. The mere fact that SELinux cannot be built as a module is a rather weak argument for disabling LSM modules as a whole, so please don't. Thanks, Andreas - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/