Re: [PATCH] Version 3 (2.6.23-rc8) Smack: Simplified MandatoryAccess Control Kernel

From: Thomas Bleher
Date: Tue Oct 02 2007 - 04:36:55 EST


* Christoph Hellwig <hch@xxxxxxxxxxxxx> [2007-10-02 10:14]:
> On Sun, Sep 30, 2007 at 01:16:18AM -0700, Andrew Morton wrote:
> > reviewed the August thread from your version 1 submission and the message I
> > take away is that the code has been well-received and looks good when
> > considered on its own merits, but selinux could probably be configured to
> > do something sufficiently similar.
> >
> > I'd have trouble declaring that "but" to be a reason to not merge smack.
> > I'm more thinking "let's merge it and see if people use it".
>
> I'm not sure this was discussed on the list, but as long as Casey doesn't
> get rid of the magic symlinks (smackfs_follow_link), there's a clear NACK
> from the VFS perspective.

Any rationale for this NACK?
Caseys patch doesn't add something crazy like "make symlinks depend on
environment variables"; also, we already have something similar in-tree:
/proc/self.

Thomas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/