On Fri, Sep 27, 2002 at 08:55:52PM +0200, Olaf Dietsche wrote:
>
> +static int cap_ip_prot_sock (int port)
> +{
> + if (port && port < PROT_SOCK && !capable(CAP_NET_BIND_SERVICE))
> + return -EACCES;
> +
> + return 0;
> +}
> +
Do we really want to force all of the security modules to implement this
logic (yes, it's the same discussion again...)
As for the ip_prot_sock hook in general, does it look ok to the other
developers?
thanks,
greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Sep 30 2002 - 22:00:33 EST