Its the way you cut. Splitting up into modules is not exactly going to work alone.
I basically cover it in Re: LSM and Containers. Where you have different parts enforcing the permissions. Only one module allocating them in a zone at a time. Yes just like posix file caps I want the enforcing parts to allow applications and users control of their permissions directly as well. Ie able to lower permissions. The now the allocating module connects to a container that the enforcing modules report to with problems for a ruling ie kill process or grant as well that is called when process are created to allocate the starting permissions. Now the permissions the module can allocate are limited off the start line by what is set on the container. Note this system only one thing is in control of anyone section at any one time. Unless user decided to restrict things them selfs. So you cannot have one part overriding the permissions of another leading to a flaw. Now there is no reason why there could not be a smart form of module that controls that uses all security enforcing modules installed. This is stackable you can have different zones. You don't have to tree threw a stack of LSM to work out if something is approved or forbin. You don't have fights. Yet you can still do other LSM features inside current LSM by using the allows lowering of rights as long as you have the enforcement module to do it. Peter Dolding - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html