Hi Guenter,
On Mon, 10 Oct 2005, Guenter Geiger wrote:
Hi,
I am maintaining a linux security module (LSM) called realtime
for the Debian system. Loading the module into the stock Debian
kernel only works if
CONFIG_SECURITY=y
and
CONFIG_SECURITY_CAPABILITIES=m,
which means that the kernel has to be security enabled and the
standard security setting (capability.ko) is a module.
For most of the time this has actually been the case for Debian kernels,
unfortunately these setting seem to have changed, so that with the new 2.6.13
release the capability.ko is compiled into the kernel, which makes it
impossible to influence security aspects of a running kernel.
Is there a reason for these changes ?
Would it be possible to stick to CONFIG_SECURITY=y and
CONFIG_SECURITY_CAPABILITIES=m ?
If not, why ?
Can this be considered a bug and should I file a bug report ?
It appears that this change was done with svn commit 4206, which moved all
the security related config settings to the common config file. I'm CCing
Bastian Blank who made this change, so that he can comment on whether
there is some deep reason for new configuration settings, or it was just
an accident and may be easily reverted.
Best regards,
Jurij Smakov [EMAIL PROTECTED]
Key: http://www.wooyd.org/pgpkey/ KeyID: C99E03CC
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
