On Apr 1, 2005 9:14 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > On Fri, 2005-04-01 at 09:11 -0500, Dmitry Torokhov wrote: > > So the question is - should there be a way for the kernel to temporary > > switch context to "kernel" before executing some operations? I could > > hack firmware loader to always start a new thread, but I wonder if we > > have more places that need to temporarily override callers context and > > therefore more general solution is needed. > ... > > Whether or not an interface as you describe is needed is unclear; there > is no usage case at present, I am confused, I thought I described a scenario why it might be needed. I probably just misunderstand what you mean by "usage case". >and temporary changes in credentials are > often a source of security flaws. Yes, I understand that. I guess adjusting firmware loader to do the job from a separate thread is the easiest way for now... -- Dmitry
