tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: secmodel_register(9) API


> Reviews before merge welcome. If nobody raises his voice, I'll proceed 
> to commit it at the end of the week.

i hesitate to complicate kauth related locking rules, given that it's
already broken.  have you checked if it's safe for these listeners sleep?
(rw_enter can sleep.)

i thought the purpose of these secmodels are localize the knowledge of
suser, securelevel, etc.  secmodel_eval seems contradict.

if anyone outside of the securelevel secmodel really needs to query
securelevel, doesn't it mean the variable just ought to be exported
in a normal way?


Home | Main Index | Thread Index | Old Index