On Thu, 08 Mar 2007 17:58:16 EST, Mimi Zohar said: > This is a request for comments for a new Integrity Based Access > Control(IBAC) LSM module which bases access control decisions > on the new integrity framework services. > > (Hopefully this will help clarify the interaction between an LSM > module and LIM module.)
OK, between this and the additional LIM hooks I didn't notice in an earlier patch, we're starting to see the API. The only problem is that although it may be the right API for *your* code, I suspect it's a non-starter without a discussion about whether it's the right *generic* API for an LIM (which will require at least one dramatic bun fight about what "Integrity" means). > Index: linux-2.6.21-rc3-mm2/security/ibac/Kconfig Minor congnitive-dissonance alert: > +config SECURITY_IBAC_BOOTPARAM > + bool "IBAC boot parameter" > + depends on SECURITY_IBAC > + default y > + If you are unsure how to answer this question, answer N. The 'default' should in general match the hint we give the user.
pgpTmJITtijDg.pgp
Description: PGP signature
