[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Dazuko-devel] Red Hat bug report for Dazuko
|
From: |
John Ogness |
|
Subject: |
Re: [Dazuko-devel] Red Hat bug report for Dazuko |
|
Date: |
Tue, 31 May 2005 14:45:20 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913 |
Sami Tikka wrote:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=156599
We are trying to re-open the case about Dazuko with Red Hat.
John, would you like to step in and write your take on the Red Hat bugzilla
report . The URL is above.
Hi Sami,
I created an account and posted a comment to the bug report. I am curious
how they respond.
Related question is that why does capability break LSM-stacking when
capabilities are built-in to the kernel? It seems that built-in capability
support does not use LSM at all. Or am I misteken?
Capability uses LSM. It makes absolutely no difference to the kernel if
something is loaded as a module or built into the kernel. The exact same
init() and hooking routines are used. Any kernel the has "capability" built
into the kernel, has no LSM stacking support.
Dazuko is also capable of disabling stacking support when you use:
--disable-stacking
when configuring Dazuko. It is much easier for a module *not* to support
stacking. For this reason most don't support it. LSM stacking is (in my
opinion) a flawed design and it is a feature that is way over-hyped. It
causes many more problems than it solves. This is one of the main
motivations for getting Dazuko away from LSM and instead use DazukoFS (in
the VFS layer).
John Ogness
--
Dazuko Maintainer