Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread Casey Schaufler
--- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote: > > I think the value is overrated. You would never want to do that > > in a production environment, and in a debug environment you could > > just as easily reboot and get some start-up testing out of the way. > > And in a development environment

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread Serge E. Hallyn
Quoting Casey Schaufler ([EMAIL PROTECTED]): > > --- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote: > > > Quoting James Morris ([EMAIL PROTECTED]): > > > Convert LSM into a static interface, as the ability to unload a security > > > module is not required by in-tree users and potentially complicat

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread Roberto De Ioris
On Sun, 24/06/2007 at 20.37 -0700, Casey Schaufler wrote: > --- Chris Wright <[EMAIL PROTECTED]> wrote: > > > * Casey Schaufler ([EMAIL PROTECTED]) wrote: > > > So, for planning purposes, when ought I expect to have to start > > > dealing with this? > > > > What is your specific con

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread James Morris
On Mon, 25 Jun 2007, Casey Schaufler wrote: > While there's lots of pain involved in developing an LSM > modern development environments (e.g. virtual machines) > have reduced the value of loadable modules for debug purposes. lguest is pretty good for this. You can boot a kernel in approximately

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread Casey Schaufler
--- "Serge E. Hallyn" <[EMAIL PROTECTED]> wrote: > Quoting James Morris ([EMAIL PROTECTED]): > > Convert LSM into a static interface, as the ability to unload a security > > module is not required by in-tree users and potentially complicates the > > overall security architecture. > > > > Needl

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-25 Thread Casey Schaufler
--- Chris Wright <[EMAIL PROTECTED]> wrote: > * Casey Schaufler ([EMAIL PROTECTED]) wrote: > > Just hoping to avoid a change collision. If I have to deal > > with this today it's easy, if it doesn't show up anywhere > > until 2.6.28 I'm breezing, but if it all hits in two weeks I > > have some sc

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Serge E. Hallyn
Quoting Chris Wright ([EMAIL PROTECTED]): > * Serge E. Hallyn ([EMAIL PROTECTED]) wrote: > > Sigh, as much as I would *like* to stay out of this (I don't > > use modules at all on any system where I can avoid it), won't > > it make development - and especially testing - of new lsms > > much more pa

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Chris Wright
* Serge E. Hallyn ([EMAIL PROTECTED]) wrote: > Sigh, as much as I would *like* to stay out of this (I don't > use modules at all on any system where I can avoid it), won't > it make development - and especially testing - of new lsms > much more painful and therefore less likely? Dev, hopefully not

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Chris Wright
* Casey Schaufler ([EMAIL PROTECTED]) wrote: > Just hoping to avoid a change collision. If I have to deal > with this today it's easy, if it doesn't show up anywhere > until 2.6.28 I'm breezing, but if it all hits in two weeks I > have some scrambling and yet another delay to deal with. Not > your

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Serge E. Hallyn
Quoting James Morris ([EMAIL PROTECTED]): > Convert LSM into a static interface, as the ability to unload a security > module is not required by in-tree users and potentially complicates the > overall security architecture. > > Needlessly exported LSM symbols have been unexported, to help reduce

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Casey Schaufler
--- Chris Wright <[EMAIL PROTECTED]> wrote: > * Casey Schaufler ([EMAIL PROTECTED]) wrote: > > So, for planning purposes, when ought I expect to have to start > > dealing with this? > > What is your specific concern or use case? Just hoping to avoid a change collision. If I have to deal with th

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Chris Wright
* Casey Schaufler ([EMAIL PROTECTED]) wrote: > So, for planning purposes, when ought I expect to have to start > dealing with this? What is your specific concern or use case?

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Chris Wright
* James Morris ([EMAIL PROTECTED]) wrote: > On Sun, 24 Jun 2007, Chris Wright wrote: > > > * James Morris ([EMAIL PROTECTED]) wrote: > > > -module_param_named(disable, capability_disable, int, 0); > > > -MODULE_PARM_DESC(disable, "To disable capabilities module set disable = > > > 1"); > > > + >

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Casey Schaufler
--- Chris Wright <[EMAIL PROTECTED]> wrote: > * James Morris ([EMAIL PROTECTED]) wrote: > > -module_param_named(disable, capability_disable, int, 0); > > -MODULE_PARM_DESC(disable, "To disable capabilities module set disable = > 1"); > > + > > +static int __init capability_disable_setup(char *str

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread James Morris
On Sun, 24 Jun 2007, Chris Wright wrote: > * James Morris ([EMAIL PROTECTED]) wrote: > > -module_param_named(disable, capability_disable, int, 0); > > -MODULE_PARM_DESC(disable, "To disable capabilities module set disable = > > 1"); > > + > > +static int __init capability_disable_setup(char *str)

Re: [PATCH][RFC] security: Convert LSM into a static interface

2007-06-24 Thread Chris Wright
* James Morris ([EMAIL PROTECTED]) wrote: > -module_param_named(disable, capability_disable, int, 0); > -MODULE_PARM_DESC(disable, "To disable capabilities module set disable = 1"); > + > +static int __init capability_disable_setup(char *str) > +{ > + capability_disable = simple_strtol(str, NUL
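
Review bot: in capability_disable_setup(), the result of simple_strtol() is assigned straight to capability_disable with no validation visible in the quoted lines, so a non-numeric string silently parses as 0 and leaves the capability module enabled without any message, while the removed MODULE_PARM_DESC described only "disable = 1". Consider warning on, or rejecting, values other than 0 and 1, and carry the removed description over to wherever the replacement boot parameter is documented so the option does not become undocumented.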