[Patch v4 13/18] security: Update security level of a process when modifying its dumpability

Tim Chen tim.c.chen at linux.intel.com
Tue Oct 30 21:30:40 UTC 2018


On 10/30/2018 01:57 PM, Schaufler, Casey wrote:

> 
> This isn't an LSM hook and hence does not belong in this file.
> arch_set_security() isn't descriptive, and is in fact a bad choice
> as task_struct has a field "security". This function has nothing
> to do with the task->security field, which is what I would expect
> based on the name.
> 

What file will be a logical place for this function?

>> +
>> +int update_process_security(struct task_struct *task)
> 
> Again, this isn't an LSM hook and does not belong in this file.
> Also again, "security" isn't descriptive in the name.
> 

Thanks.

Tim



More information about the Linux-security-module-archive mailing list