Hi, I'm not sure this information is useful or not, but I just made Sysmtecalls <-> security functions/capabilities mapping sheets for understanding LSM's framework(and enhancement LIDS:-) ).
You can download some Excel sheets from; http://www.selinux.gr.jp/LIDS-JP/systemcalls.html (These Excel sheets are made by OpenOffice, so it might have some font problem.) I checked 2.6.20-kernel source code by using lxr and grep, so I guess I have some mistakes in these files. But I believe this sheet is helpful for checking current LSM framework are "sufficient" or "insufficient". Sincerely, OMO Hao Xu wrote: (2007/04/08 14:08): > Hi! > > If the purpose of the LSM framework is not just satisfying selinux, then > the reason for adding this hook is obvious: we NEED a way to update the > incore inode security data after successful removexattr operations, it's > undoubtedly necessary for a xattr based security module. I don't > consider the framework as complete without this hook. > > I didn't give the patch here because it's trivial. I'd like to hear some > comments first. > > > thanks, > > hao > - > To unsubscribe from this list: send the line "unsubscribe > linux-security-module" in > the body of a message to [EMAIL PROTECTED] > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- Kazuki Omo: [EMAIL PROTECTED] Group Manager, OSS Solution Center Diary: http://omok.livejournal.com - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
