Thanks,
So when is the parser started? At startup or when it is needed?
Thanks again. I'll check it out.
Cliffe.
Crispin Cowan wrote:
Cliffe wrote:
This question is similar to my first.
I have multiple files (in separate locations) containing policies for
confining the same application. How can I read the contents of these
files into my LSM?
In AppArmor, we use a user-level program we call a "parser" that reads
the text files, parses them, turns them into a kernel-digestible data
structure, and pushes them into the kernel through an API defined by the
module. At various times it has been a system call, a sysctl, and now
is a virtual file system. The preferred way to load data into the kernel
seems to keep changing :)
See the AppArmor parser apparmor-parser-2.0.2-566.tar.gz
<http://forge.novell.com/modules/xfcontent/private.php/apparmor/LKML_Submission-April_07/apparmor-parser-2.0.2-566.tar.gz>
and kernel code apparmor-kernel-patches-2.0.2-564.tar.gz
<http://forge.novell.com/modules/xfcontent/file.php/apparmor/LKML_Submission-April_07/apparmor-kernel-patches-2.0.2-564.tar.gz>
for details.
Crispin
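
Added example, not part of the original thread and not AppArmor code: a minimal userspace "parser" in the sense Crispin describes, which merges several policy sources for one application into a single flat blob that a loader could hand to the module in one write(). The text format, the `POL1` blob layout, and all function and struct names are assumptions made for illustration.

```c
/* Added example, not AppArmor code; format, layout and samples are made up. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define MAX_RULES 64
struct rule   { uint8_t perms; char path[127]; };   /* 128 bytes, no padding */
struct policy { char magic[4]; uint32_t n; struct rule r[MAX_RULES]; };

/* Parse whitespace-separated "path perms" pairs (r=1, w=2, x=4). A path seen
 * in an earlier source gets the new bits OR-ed in. Returns 0, -1 on bad input. */
int policy_add_text(struct policy *p, const char *text)
{
    static const char keys[] = "rwx";
    char path[127], perms[8];
    int used;
    for (; sscanf(text, " %126s %7s%n", path, perms, &used) == 2; text += used) {
        uint32_t i, bits = 0;
        if (path[0] != '/') return -1;               /* absolute paths only */
        for (const char *c = perms; *c; c++) {
            const char *k = strchr(keys, *c);
            if (!k) return -1;                       /* unknown permission */
            bits |= 1u << (k - keys);
        }
        for (i = 0; i < p->n && strcmp(p->r[i].path, path) != 0; i++) ;
        if (i == p->n) {                             /* first rule for this path */
            if (p->n == MAX_RULES) return -1;
            memset(&p->r[i], 0, sizeof p->r[i]);     /* no stray bytes in the blob */
            strcpy(p->r[i].path, path);
            p->n++;
        }
        p->r[i].perms |= (uint8_t)bits;
    }
    return text[strspn(text, " \t\n")] ? -1 : 0;     /* reject a dangling token */
}

/* Bytes the loader hands to the kernel in one write(): header + used rules. */
size_t policy_blob_size(const struct policy *p)
{
    return offsetof(struct policy, r) + p->n * sizeof(struct rule);
}

int main(void)
{
    struct policy p = { .magic = {'P', 'O', 'L', '1'} };
    if (policy_add_text(&p, "/etc/passwd r\n/tmp/app.log w\n") ||      /* "file" 1 */
        policy_add_text(&p, "/etc/passwd w\n/usr/bin/app rx\n")) return 1;
    printf("%u rules, %zu-byte blob\n", (unsigned)p.n, policy_blob_size(&p));
    return 0;
}
```

The kernel side still has to validate the count and every record itself, since anything able to write to the load file can supply an arbitrary blob.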