[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4B958D7F.1030900@redhat.com>
Date: Mon, 08 Mar 2010 18:51:27 -0500
From: Rik van Riel <riel@...hat.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
CC: Alan Cox <alan@...rguk.ukuu.org.uk>, Ingo Molnar <mingo@...e.hu>,
James Morris <jmorris@...ei.org>, linux-kernel@...r.kernel.org,
Kyle McMartin <kyle@...artin.ca>,
Alexander Viro <viro@....linux.org.uk>
Subject: Re: Upstream first policy
On 03/08/2010 06:37 PM, Linus Torvalds wrote:
> That's an example of non-pathname-based security, where you actually mark
> the content itself restricted some way. It's very naturally done with
> labels on the inode itself. It's what UNIX has _always_ done
>
> Nobody has ever suggested removing that. That would be crazy.
It is quite clear that the content based security
protects the content from being manipulated by
processes that should not be able to do so.
However, what is unclear to me is ...
> But that thing is _independent_ from the other totally unrelated issue,
> namely the fact that "/etc/passwd" is a special name in the namespace. In
> other words, there is "content security", but then there is also
> "namespace security".
... what exactly does the namespace security protect against?
What is the threat model that the namespace security protects
against, which is not protected by the content based security?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists