On Tue, 2007-12-18 at 19:28 -0800, Crispin Cowan wrote:
Stephen Smalley wrote:
It is if I have to maintain a special pieces of code for each possible LSM.
One piece for SELinux, one piece for AppArmour, one piece for Smack, one
piece
for Casey's security system. That sounds like a pain.
Since it was decided that low memory protection from userspace couldn't
be turned on by default add a Kconfig option to allow users/distros to
set a default at compile time. This value is still tunable after boot
in /proc/sys/vm/mmap_min_addr
Signed-off-by: Eric Paris [EMAIL PROTECTED]
---
On Dec 19 2007 16:59, Eric Paris wrote:
+config SECURITY_DEFAULT_MMAP_MIN_ADDR
+int Low address space to protect from user allocation
Hm, should not this be 'hex'?
+depends on SECURITY
+default 0
+help
-
To unsubscribe from this list: send the line unsubscribe
On Thu, 20 Dec 2007, David Chinner wrote:
I'm not sure I understand your namespace pollution issue, either.
doing this globally:
#ifdef CONFIG_SOMETHING
extern intsome_common_name(int a, int b, int c);
#else
#define some_common_name(a,b,c) 0
#endif
I suspect it may be