tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: secmodel_register(9) API
- Subject: Re: secmodel_register(9) API
- From: Christoph Badura <bad%bsd.de@localhost>
- Date: Tue, 6 Dec 2011 01:40:06 +0100
On Mon, Dec 05, 2011 at 02:35:53PM -0500, Elad Efrat wrote:
> What the new API allows is interaction between secmodels that are
> built by people who are not part of NetBSD and don't want their
> secmodel to become part of NetBSD but do want to take advantage of
> features in secmodels provided by NetBSD.
That is simply not true.
As I have explained in my reply to jym@ you basically provide the
same functionality that is already available through the linker.
And you want to provide more interaction between secmodels than that the
secmodel_eval approach requires changing NetBSD secmodel code to add
hooks to be called from 3rd party secmodel through secmodel_eval or adding
code to NetBSD secmodel code to call hooks provided by 3rd party
secmodels. Neither is possible without "becoming part of NetBSD" or
using a source tree with private modifications. In the latter case
secmodel_eval adds no value, however.
--chris
Home |
Main Index |
Thread Index |
Old Index