[PATCH] TOMOYO: Switch from per "struct cred" blob to per "struct task_struct" blob.
James Morris
jmorris at namei.org
Sun Mar 12 23:17:06 UTC 2017
On Sun, 12 Mar 2017, Djalal Harouni wrote:
> ...
Please trim quotes when replying.
> Is it possible to adapt some stacking bits from Casey's patches and
> stack this security field ? or at least try first to stack
> task->security without having to stack all the others cred->security,
> inode->security ... ?
>
> IMO it would be better if the first LSM user gets this right, or at
> least the second LSM that uses the field without having to wait for
> the support of all security fields stacking.
As Tetsuo mentions in the changelog, he aims to revive the hook before
modifying it for stacking. I would also want to see a strong use-case for
the stacking aspect (e.g. an existing LSM planning to use it, or as part
of a proposal to merge a new LSM).
JJ: can you confirm that you'll use the revived hook in AppArmor? I can
see your acked-by but the context of it is lost due to the lack of mail
archives.
--
James Morris
<jmorris at namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list