On Sun, Nov 04, 2007 at 12:28:48PM +, Pavel Machek wrote:
Hi!
Still to come:
- Final cleanup of smack_load_write and smack_cipso_write.
Hi All,
After agreeing with Casey on the load input grammar yesterday, here's
the final grammar and its parser (which needs more
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter Dolding wrote:
On 11/1/07, Casey Schaufler [EMAIL PROTECTED] wrote:
--- Peter Dolding [EMAIL PROTECTED] wrote:
Posix capabilities predate SELinux. SELinux is not interested in
Posix
On Mon, 5 Nov 2007, Ahmed S. Darwish wrote:
On Sun, Nov 04, 2007 at 12:28:48PM +, Pavel Machek wrote:
Can we avoid string parsers in the kernel?
Ok, Could someone suggest a better idea please ?.
I personally think string parsers are *much* better than the alternatives
(which
A while ago I asked some questions on the subject of at* system calls
on the list and got rather dismissive responses.
After having given up on the whole concept for a while, the recent
discussions on this list have made me put some more efford into trying
to define more clearly what I would like
On 11/5/07, Linus Torvalds [EMAIL PROTECTED] wrote:
On Mon, 5 Nov 2007, Ahmed S. Darwish wrote:
On Sun, Nov 04, 2007 at 12:28:48PM +, Pavel Machek wrote:
Can we avoid string parsers in the kernel?
Ok, Could someone suggest a better idea please ?.
I personally think string
http://www.ibm.com/developerworks/linux/library/l-posixcap.html
This covers part of what you are talking about. Least authority exec.
Its one of the cures to the SUID bit problem.
Wonder if the exec bit would be better done with a normal posix
capabilities flag saying that this is on offer.
Quoting Andrew Morgan ([EMAIL PROTECTED]):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Serge,
Here is my latest iteration of the 64-bit support. This is basically it
(sans porting it to Andrew's mm tree).
Cheers
Andrew
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6
Simon Arlott wrote:
On Tue, October 30, 2007 07:14, Cliffe wrote:
And while I acknowledge that many of these layers are currently buried
within the kernel (netfilter...) they are security layers which in many
cases would probably make sense as stackable security modules.
Making the
On Tue, 06 Nov 2007 13:00:41 +0900
Tetsuo Handa [EMAIL PROTECTED] wrote:
Hello.
I found that accessing namespace_sem from security_inode_create()
causes lockdep warning when compiled with CONFIG_PROVE_LOCKING=y .
sounds like you have an AB-BA deadlock...
--
If you want to reach me at
On Sat, Nov 03, 2007 at 06:43:06PM +0200, Ahmed S. Darwish wrote:
On Fri, Nov 02, 2007 at 01:50:55PM -0700, Casey Schaufler wrote:
Still to come:
- Final cleanup of smack_load_write and smack_cipso_write.
Hi All,
After agreeing with Casey on the load input grammar yesterday,
On 11/6/2007 1:11 PM, Arjan van de Ven wrote:
On Tue, 06 Nov 2007 13:00:41 +0900
Tetsuo Handa [EMAIL PROTECTED] wrote:
Hello.
I found that accessing namespace_sem from security_inode_create()
causes lockdep warning when compiled with CONFIG_PROVE_LOCKING=y .
sounds like you have an AB-BA
11 matches
Mail list logo