| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Aug 2007 11:50:57 -0700 (PDT) From: James Morris <jmorris@...ei.org> To: Casey Schaufler <casey@...aufler-ca.com> cc: David Howells <dhowells@...hat.com>, torvalds@...l.org, akpm@...l.org, steved@...hat.com, trond.myklebust@....uio.no, linux-fsdevel@...r.kernel.org, linux-cachefs@...hat.com, nfsv4@...ux-nfs.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 11/14] CacheFiles: Permit an inode's security ID to be obtained [try #2] On Thu, 9 Aug 2007, Casey Schaufler wrote: > This is SELinux specific functionality. It should not be an LSM > interface. As long as the security labels are themselves not being exported to the kernel to be used e.g. for display or transport, then I agree, and we should avoid passing them around outside the LSM entirely if possible. Usually, they're attached to a significant kernel object, which you typically pass around as part of the interface anyway. David, I've looked at the code and can't see that you need to access the label itself outside the LSM. Could you instead simply pass the inode pointer around? (I know it's not always possible, but much preferred). - James -- James Morris <jmorris@...ei.org> - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists