YAMAMOTO Takashi wrote:
>>> to avoid making existing code insecure when introducing new scopes.
>> Let's say we introduced a new scope. Can you think of any situation
>> where we would dispatch authorization requests on this scope without
>> also adding some listeners?
> 
> 3rd party listeners.

That's exactly what this was for: if we *don't* have it, you create
a situation where, if the listeners are loaded via LKM during boot-time,
their *loading* will be denied because the default rule says "no
listeners, always deny". That's *exactly* why it needs to be
configurable.

> i don't think it is a good reason to make it per-scope.

How is the code I did "per-scope"? it's in kauth_authorize_action().

> - i don't think it's so relevant.
> - i don't think IPFILTER_DEFAULT_BLOCK option is a great idea.

My point...

> - iirc, ipfilter has a global knob to enable it.
>   it's basically what i suggested here.

Again, isn't this what I was saying..?

-e.

-- 
Elad Efrat