> Maybe we should start to bring them piece by piece, fe. PaX first and
> others.
PaX is an example of something that won't port to LSM. The grsecurity
MAC, RBAC, chroot restrictions, TPE are the types of things that would port
nicely.
> Question is not that will somebody do that, i am sure of that - grsec is
> needed in 2.4 - and it will be needed in 2.6. Question is, if it will be
> included in mainstream kernel release ?
I don't expect to see it in 2.6 mainline at all. The patch could be
reduced if some of the core access control logic was placed in an LSM.
thanks,
-chris
-- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/