[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080602124906.GD8562@parisc-linux.org>
Date: Mon, 2 Jun 2008 06:49:06 -0600
From: Matthew Wilcox <matthew@....cx>
To: Andreas Gruenbacher <agruen@...e.de>
Cc: Miklos Szeredi <miklos@...redi.hu>, hch@...radead.org,
linux-security-module@...r.kernel.org,
linux-fsdevel@...r.kernel.org, jmorris@...ei.org,
sds@...ho.nsa.gov, eparis@...hat.com, casey@...aufler-ca.com,
jjohansen@...e.de, penguin-kernel@...ove.sakura.ne.jp,
viro@...iv.linux.org.uk, linux-kernel@...r.kernel.org
Subject: Re: [patch 01/15] security: pass path to inode_create
On Mon, Jun 02, 2008 at 02:45:10PM +0200, Andreas Gruenbacher wrote:
> Without the vfsmount, when something is mounted in more than once place, you
> cannot report which of the name aliases a process is accessing. This is
> unacceptable; the logs would become unusable. With pathname-based, the
> AppArmor and TOMOYO folks really mean pathname-based, not a hybrid pathname /
> mount point model.
audit_getname manages to do this. You're just not thinking hard enough ;-)
> One consequence of this is that pathname-based models must control who is
> allowed to create aliases where, of course.
Absolutely.
--
Intel are signing my paycheques ... these opinions are still mine
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours. We can't possibly take such
a retrograde step."
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists