[rsbac] 1.1.2 and 2.4.18

Stephen Smalley rsbac@rsbac.org
Tue, 12 Mar 2002 15:54:07 -0500 (EST)

Previous message: [rsbac] 1.1.2 and 2.4.18
Next message: [rsbac] syscall wrapper (was 1.1.2 and 2.4.18)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 12 Mar 2002, Amon Ott wrote:

> Will LSM be included into the 2.4 series then, or are the syscalls only
> reserved for compatibility?

The latter - reserving new system call numbers in the stable series seems
to be standard practice to preclude conflicts.  LSM is targeted for
consideration in the 2.5 series.  However, the LSM patches for both the
2.4 series and the 2.5 series are being maintained.

> There are many issues involved in the LSM port, it will sure not be easy. I
> have already told on this list that it will be investigated more closely when
> there is sufficient room on my agenda. The new 1.2.0 version, maybe even
> 1.2.1 will come first.

Reimplementing the RSBAC calls using the generic security call number and
API can be viewed separately from the issue of porting RSBAC to LSM.  Even
if you never port to LSM, multiplexing your calls through a single call
that uses the __NR_security syscall number protects you against future
conflicts.  And, if you later port to LSM, using that number and using
the LSM-defined API for the call will ensure compatibility across the LSM
port.

--
Stephen D. Smalley, NAI Labs
ssmalley@nai.com

Previous message: [rsbac] 1.1.2 and 2.4.18
Next message: [rsbac] syscall wrapper (was 1.1.2 and 2.4.18)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]