On Mon, 07 Feb 2005 23:00:33 +0100, Lorenzo =?ISO-8859-1?Q?Hern=E1ndez_?= =?ISO-8859-1?Q?Garc=EDa-Hierro?= said:
> A sysctl can be a good option, creating a CTL_SECURITY and then > registering stuff under it, but this requires to have the kernel hackers > agree with implementing a new security suite and such. > In short, re-inventing the wheel. No, you can do this from within an LSM and the kernel hackers don't have to deal with it.... (tech note - don't call register_sysctl_table() from within a security_initcall(). Use a separate __initcall() that gets called later - security_initcall() happens before the kernel has the sysctl infrastructure in place. Guess how I know that? ;)
pgpOpjamuhL1A.pgp
Description: PGP signature
