Re: extended file permissions based on LSM
Chris Wright (chris@wirex.com)
Sun, 1 Sep 2002 16:08:05 -0700
* Daniel Phillips (phillips@arcor.de) wrote:
> On Sunday 01 September 2002 02:26, Chris Wright wrote:
> > * Ingo Oeser (ingo.oeser@informatik.tu-chemnitz.de) wrote:
> > >
> > > So this is a correctly pointed out design weakness: The way the
> > > user took to reach the inode cannot be taken into account.
> >
> > Yes, this is known, and there are anticipated VFS changes to remedy
> > this.
>
> Could you describe them, please?
For example, passing vfsmount/dentry pair to i_op->permission().
getattr() is already done, and last I heard I Al intends to do
setattr() as well.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/