Hello.
Paul Moore wrote:
* post_recv_datagram is added in skb_recv_datagram.
Can you explain to me why this is not possible using the existing
security_socket_sock_rcv_skb() LSM hook?
socket_sock_rcv_skb() is a hook for enqueue time.
I want a hook for dequeue time, because what TOMOYO
On Tuesday, August 28 2007 6:39:13 am Tetsuo Handa wrote:
Hello.
Hello.
Paul Moore wrote:
* post_recv_datagram is added in skb_recv_datagram.
Can you explain to me why this is not possible using the existing
security_socket_sock_rcv_skb() LSM hook?
socket_sock_rcv_skb() is a hook
Hello.
Kyle Moffett wrote:
This is probably not acceptable; I doubt there's a chance in hell
that TOMOYO will get merged as long as it has text-based-language
parsing in the kernel. You also have $NEW_RANDOM_ABUSE_OF_PROCFS and
$PATH_BASED_LSM_ISSUES. See the long flamewars on AppArmor for
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Attached is what I consider only an RFC patch.
I've not really thought through (to my satisfaction) the re-purposing of
current-keep_capabilities in the non-filesystem-supporting-capability
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Attached is what I consider only an RFC patch.
I've not really thought through (to my satisfaction) the re-purposing of
current-keep_capabilities in the non-filesystem-supporting-capability
--- Thomas Bleher [EMAIL PROTECTED] wrote:
* Casey Schaufler [EMAIL PROTECTED] [2007-08-27 22:51]:
Smack is the Simplified Mandatory Access Control Kernel.
Smack implements mandatory access control (MAC) using labels
attached to tasks and data containers, including files, SVIPC,