Re: [RFC][Patch 1/6] integrity: new hooks
From: Valdis . Kletnieks
Date: Thu Mar 08 2007 - 15:40:27 EST
On Thu, 08 Mar 2007 12:46:47 CST, "Serge E. Hallyn" said:
> I think it should be done as both. The part which measures the
> integrity of files should be an integrity subsystem. The part which
> uses those results to either allow/refuse actions or take some other
> action (i.e. shut down the system) should be an lsm.
That would be good - the allow/deny parts, being security, can use the
existing LSM hooks, and the integrity part can use the LIM hooks.
Umm... wait a minute - *what* Linux Integrity Module hooks? :)
Attachment:
pgp00000.pgp
Description: PGP signature