[PATCH v4 04/19] SELinux: Remove cred security blob poisoning

James Morris jmorris at namei.org
Thu Sep 27 22:13:32 UTC 2018


On Fri, 21 Sep 2018, Casey Schaufler wrote:

> The SELinux specific credential poisioning only makes sense
> if SELinux is managing the credentials. As the intent of this
> patch set is to move the blob management out of the modules
> and into the infrastructure, the SELinux specific code has
> to go. The poisioning could be introduced into the infrastructure
> at some later date.

If it's useful, it should be incorporated into core LSM, otherwise that's 
a regression for SELinux.


-- 
James Morris
<jmorris at namei.org>



More information about the Linux-security-module-archive mailing list