Re: secmodel_register(9) API

Subject: Re: secmodel_register(9) API
From: Christoph Badura <bad%bsd.de@localhost>
Date: Tue, 6 Dec 2011 01:40:06 +0100

On Mon, Dec 05, 2011 at 02:35:53PM -0500, Elad Efrat wrote:
> What the new API allows is interaction between secmodels that are
> built by people who are not part of NetBSD and don't want their
> secmodel to become part of NetBSD but do want to take advantage of
> features in secmodels provided by NetBSD.

That is simply not true.

As I have explained in my reply to jym@ you basically provide the
same functionality that is already available through the linker.

And you want to provide more interaction between secmodels than that the
secmodel_eval approach requires changing NetBSD secmodel code to add
hooks to be called from 3rd party secmodel through secmodel_eval or adding
code to NetBSD secmodel code to call hooks provided by 3rd party
secmodels.  Neither is possible without "becoming part of NetBSD" or
using a source tree with private modifications.  In the latter case
secmodel_eval adds no value, however.

--chris

Follow-Ups:
- Re: secmodel_register(9) API
  - From: Eric Haszlakiewicz

References:
- Re: secmodel_register(9) API
  - From: Christoph Badura
- Re: secmodel_register(9) API
  - From: Jean-Yves Migeon
- Re: secmodel_register(9) API
  - From: Elad Efrat

Prev by Date: Re: secmodel_register(9) API
Next by Date: Re: secmodel_register(9) API
Previous by Thread: Re: secmodel_register(9) API
Next by Thread: Re: secmodel_register(9) API
Indexes:

Home | Main Index | Thread Index | Old Index