--- Andi Kleen <[EMAIL PROTECTED]> wrote:
> Anyways; if someone wants to cripple their security for some > performance this way they can surely do this; but i don't think we should > offer it as a default configuration option (just as we don't have a > CONFIG_NULL_LSM even though there are undoubtedly systems that don't > care about permission checking[1]) > > -Andi > > [1] I bet I gave the linux-tiny crowd an idea now ;-) You would need authoritative LSM hooks for this. The current LSM additional restrictions model does not provide for this. Casey Schaufler [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
