Re: [RFC] Virtualization steps

From: Eric W. Biederman
Date: Fri Mar 31 2006 - 00:36:06 EST

Next message: Nick Piggin: "Re: Synchronizing Bit operations V2"
Previous message: James Cloos: "Re: Schedule for adding pata to kernel?"
In reply to: Chris Wright: "Re: [RFC] Virtualization steps"
Next in thread: Chris Wright: "Re: [RFC] Virtualization steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Chris Wright <chrisw@xxxxxxxxxxxx> writes:

>> With appropriate care we should be able to allow the container
>> administrator to use this capability to select which security
>> policies, and mechanisms they want.
>>
>> That is something we probably want to consider anyway as
>> currently the security modules break the basic rule that
>> compiling code in should not affect how the kernel operates
>> by default.
>
> Don't follow you on this one.

Very simple, it should be possible statically compile in
all of the security modules and be able to pick at run time which
security module to use.

Unless I have been very blind and missed something skimming
through the code compiling if I compile in all of the security
modules, whichever one is initialized first is the one
that we will use.

Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nick Piggin: "Re: Synchronizing Bit operations V2"
Previous message: James Cloos: "Re: Schedule for adding pata to kernel?"
In reply to: Chris Wright: "Re: [RFC] Virtualization steps"
Next in thread: Chris Wright: "Re: [RFC] Virtualization steps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]