Re: [PATCH v4 04/19] SELinux: Remove cred security blob poisoning

From: James Morris
Date: Thu Sep 27 2018 - 18:13:49 EST


On Fri, 21 Sep 2018, Casey Schaufler wrote:

> The SELinux specific credential poisioning only makes sense
> if SELinux is managing the credentials. As the intent of this
> patch set is to move the blob management out of the modules
> and into the infrastructure, the SELinux specific code has
> to go. The poisioning could be introduced into the infrastructure
> at some later date.

If it's useful, it should be incorporated into core LSM, otherwise that's
a regression for SELinux.


--
James Morris
<jmorris@xxxxxxxxx>