[Labeled-nfs] [PATCH 03/13] Security: Add hook to get full security xattr name
Casey Schaufler
casey at schaufler-ca.com
Fri Nov 16 19:34:08 EST 2007
--- "David P. Quigley" <dpquigl at tycho.nsa.gov> wrote:
> When a caller wishes to get pull the extended attribute name for the security
> module for use they normally concatinate the security namespace segment and
> the
> suffix provided by the lsm. This hook provides a mechanism to obtain the full
> LSM xattr name. The patch also provides implementations for the dummy
> security
> module and SELinux.
What is the problem with the concatination scheme currently in
use? I'm not going to defend it, but why change it?
> Signed-off-by: David P. Quigley <dpquigl at tycho.nsa.gov>
> Signed-off-by: Matthew N. Dodd <Matthew.Dodd at sparta.com>
> ---
> include/linux/security.h | 7 +++++++
> security/dummy.c | 6 ++++++
> security/security.c | 6 ++++++
> security/selinux/hooks.c | 6 ++++++
> 4 files changed, 25 insertions(+), 0 deletions(-)
Please cross post proposed LSM changes to the LSM mailing list.
Casey Schaufler
casey at schaufler-ca.com
More information about the Labeled-nfs
mailing list