Good idea, however there are two potential problems that I can see.
When creating a file the UID/GID name space for the file is the same as that
for the process. In SE Linux the name space for files to be created does not
intersect the name space of the processes. This makes it much less clean
than setfsuid().
Secondly there is the issue of a lack of atomicity. Is there a potential for
a signal handler to create a file between the setesid() and creat() in the
main code? I guess the API open_secure() could remain the same and block all
signals for its operation...
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
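An added example, not code from this thread: one way to give the proposed open_secure() the signal blocking the message suggests, using the real Linux setfsuid() in place of the thread's setesid(). The names open_secure_impl, deferral_demo, the in_window test seam and the file path are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <sys/fsuid.h>
#include <unistd.h>

static volatile sig_atomic_t handler_ran = 0;
static volatile sig_atomic_t ran_inside_window = 0;
static void on_usr1(int sig) { (void)sig; handler_ran = 1; }
/* Core of the hypothetical open_secure(): all signals stay blocked from before
 * the fsuid switch until after it is restored, so no handler can run (and create
 * a file under the wrong uid) in between. in_window is a test seam (assumed). */
static int open_secure_impl(const char *path, uid_t fsuid, mode_t mode,
                            void (*in_window)(void))
{
    sigset_t all, saved;
    sigfillset(&all);
    if (sigprocmask(SIG_BLOCK, &all, &saved) != 0)
        return -1;
    uid_t prev = (uid_t)setfsuid(fsuid);     /* returns the previous fsuid */
    if (in_window) in_window();
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, mode);
    int err = errno;
    setfsuid(prev);                          /* restore even if open() failed */
    sigprocmask(SIG_SETMASK, &saved, NULL);  /* pending signals deliver here */
    errno = err;
    return fd;
}
int open_secure(const char *path, uid_t fsuid, mode_t mode)
{
    return open_secure_impl(path, fsuid, mode, NULL);
}
/* Simulated signal inside the window; records whether the handler managed
 * to run before the window closed (it must not). */
static void raise_in_window(void) { raise(SIGUSR1); ran_inside_window = handler_ran; }
/* Returns 1 when SIGUSR1 was held until open_secure's window closed. */
int deferral_demo(const char *path)
{
    struct sigaction sa = { 0 };
    sa.sa_handler = on_usr1;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, NULL) != 0) return -1;
    handler_ran = 0; ran_inside_window = 0;
    int fd = open_secure_impl(path, getuid(), 0600, raise_in_window);
    if (fd < 0) return -1;
    close(fd); unlink(path);
    return handler_ran == 1 && ran_inside_window == 0;
}
```

Because the demo switches to the caller's own uid, it runs unprivileged; with a real target uid the process would need CAP_SETUID for setfsuid() to take effect.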