• Stephen D. Smalley's avatar
    [PATCH] LSM: Add LSM syslog hook to 2.5.59 · 7c9bf63f
    Stephen D. Smalley authored
    This patch adds the LSM security_syslog hook for controlling the
    syslog(2) interface relative to 2.5.59 plus the previously posted
    security_sysctl patch.  In response to earlier comments by Christoph,
    the existing capability check for syslog(2) is moved into the
    capability security module hook function, and a corresponding dummy
    security module hook function is defined that provides traditional
    superuser behavior.  The LSM hook is placed in do_syslog rather than
    sys_syslog so that it is called when either the system call interface
    or the /proc/kmsg interface is used.  SELinux uses this hook to
    control access to the kernel message ring and to the console log
    level.
    7c9bf63f
dummy.c 16.2 KB