| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20071026182352.GA32415@suse.de>
Date: Fri, 26 Oct 2007 11:23:53 -0700
From: John Johansen <jjohansen@...e.de>
To: Al Viro <viro@....linux.org.uk>
Cc: jjohansen@...e.de, akpm@...ux-foundation.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, Tony Jones <tonyj@...e.de>,
Andreas Gruenbacher <agruen@...e.de>
Subject: Re: [AppArmor 19/45] Add struct vfsmount parameters to vfs_rename()
On Fri, Oct 26, 2007 at 08:37:49AM +0100, Al Viro wrote:
> On Thu, Oct 25, 2007 at 11:40:43PM -0700, jjohansen@...e.de wrote:
> > The vfsmount will be passed down to the LSM hook so that LSMs can compute
> > pathnames.
>
> You know, you really are supposed to understand the code you are modifying...
> Quiz: what are those vfsmounts and how are they related?
>
In the current code, both vfsmounts are always identical, and so one of
the two should go, agreed.
The thought behind passing both vfsmounts was that they could differ but
point to the same super_block, in which case renames would still be
possible at least from a filesystem point of view. The essential
restriction here is that both files must be on the same device; the vfs
restriction of not allowing cross-mount renames is arbitrary.
Cross-mount renames are not allowed currently, and granted, they may not
be very useful, either.
> Al, carefully abstaining from saying what he really thinks of LSM and its
> users...
As always, it's a pleasure to see the genuine Viro charm at play.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists