Subject: Re: [linux-audio-dev] Re: POSIX caps/realtime/root processes
From: Fernando Pablo Lopez-Lezcano (nando_AT_ccrma.stanford.edu)
Date: Tue Nov 25 2003 - 20:05:13 EET
> The Linux Security Module (LSM) interface is a standard part of 2.6.
> There actually is a backport of the security modules patch to 2.4 on
> the NSA site for SELinux. But, it is quite large and I doubt many
> people would want to apply it for running realtime audio.
It depends on whether it interacts with other patches... But yes, I
would prefer not to have to add YAP (yet another patch? :-)
> Your small patch is probably safer and more secure.
> So, my feeling is that the best approach is...
>
> (1) LSM for 2.6.
>
> (2) An interface-compatible variant of your patch for 2.4.
I agree, looks good to me.
> I intend to continue experimenting along these lines until I prove to
> myself that all this really works and is useful. So, far it looks
> encouraging.
Indeed... thanks for working on this! A LOT!
-- Fernando
This archive was generated by hypermail 2b28 : Tue Nov 25 2003 - 20:10:26 EET