On Mon, Jan 9, 2017 at 1:43 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > On Mon, 2017-01-09 at 19:29 +0100, Oleg Nesterov wrote: >> Seriously, could someone explain why do we need the >> security_task_wait() >> hook at all? > > I would be ok with killing it. > IIRC, the original motivation was to block an unauthorized data flow > from child to parent when the child context differs, but part of that > original design was also to reparent the child automatically, and that > was never implemented. I don't think there is a real use case for it > in practice and it just breaks things, so let's get rid of it unless > someone objects. Patches are always welcome, plenty of time to get things in for 4.11 :) -- paul moore www.paul-moore.com _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
