lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20090326161945.GU28946@ZenIV.linux.org.uk>
Date:	Thu, 26 Mar 2009 16:19:45 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	David Howells <dhowells@...hat.com>
Cc:	Kentaro Takeda <takedakn@...data.co.jp>,
	Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
	Toshiharu Harada <haradats@...data.co.jp>,
	linux-kernel@...r.kernel.org
Subject: Re: Are path-based LSM hooks called from the wrong places?

On Thu, Mar 26, 2009 at 04:14:26PM +0000, David Howells wrote:

> As I said, what I don't want to have to do is attempt to regenerate the full
> pathname, especially if the pathname isn't accessible from within the current
> process's chroot or namespace.

... and if it's not accessible from said process' namespace, pathname-based
checks are going to produce really bizarre results.

IOW, I'd say that such checks simply don't apply in case of fscache.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ