[PATCH v4 04/19] SELinux: Remove cred security blob poisoning
James Morris
jmorris at namei.org
Thu Sep 27 22:13:32 UTC 2018
On Fri, 21 Sep 2018, Casey Schaufler wrote:
> The SELinux specific credential poisioning only makes sense
> if SELinux is managing the credentials. As the intent of this
> patch set is to move the blob management out of the modules
> and into the infrastructure, the SELinux specific code has
> to go. The poisioning could be introduced into the infrastructure
> at some later date.
If it's useful, it should be incorporated into core LSM, otherwise that's
a regression for SELinux.
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list