realtime-lsm and Debian kernel

To: debian-kernel@lists.debian.org
Subject: realtime-lsm and Debian kernel
From: Guenter Geiger <geiger@xdv.org>
Date: Mon, 10 Oct 2005 16:23:04 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.63.0510101608580.26374@xdv.org>


Hi,

I am maintaining a linux security module (LSM) called realtime
for the Debian system. Loading the module into the stock Debian
kernel only works if
CONFIG_SECURITY=y
and
CONFIG_SECURITY_CAPABILITIES=m,
which means that the kernel has to be security enabled and the
standard security setting (capability.ko) is a module.

For most of the time this has actually been the case for Debian kernels,

unfortunately these setting seem to have changed, so that with the new2.6.13 release the capability.ko is compiled into the kernel, which makesit impossible to influence security aspects of a running kernel.


Is there a reason for these changes ?

Would it be possible to stick to CONFIG_SECURITY=y andCONFIG_SECURITY_CAPABILITIES=m ?

If not, why ?
Can this be considered a bug and should I file a bug report ?

Cheers,

Guenter
(Please CC as I am not subscribed anymore)

Reply to:

Follow-Ups:
- Re: realtime-lsm and Debian kernel
  - From: Jurij Smakov <jurij@wooyd.org>
- Re: realtime-lsm and Debian kernel
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: linux-2.6_2.6.13-1_ia64.changes is NEW
Next by Date: Bug#333051: marked as done (Presario 2100 Keyboard stuck on Caps Lock)
Previous by thread: linux-2.6_2.6.13-1_ia64.changes is NEW
Next by thread: Re: realtime-lsm and Debian kernel
Index(es):
- Date
- Thread