| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1355255320.2356.148.camel@falcor> Date: Tue, 11 Dec 2012 14:48:40 -0500 From: Mimi Zohar <zohar@...ux.vnet.ibm.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Eric Paris <eparis@...isplace.org>, "Kasatkin, Dmitry" <dmitry.kasatkin@...el.com>, Al Viro <viro@...iv.linux.org.uk>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, LSM List <linux-security-module@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, James Morris <jmorris@...ei.org> Subject: Re: [PATCH 0/2] ima: policy search speedup On Tue, 2012-12-11 at 11:10 -0800, Linus Torvalds wrote: > Anyway, the whole "you can do it at file granularity" isn't the bulk > of my argument (the "we already have the field that makes sense" is). > But my point is that per-inode is not only the logically more > straightforward place to do it, it's also the much more flexible place > to do it. Because it *allows* for things like that. Ok. To summarize, S_IMA indicates that there is a rule and that the iint was allocated. To differentiate between 'haven't looked/don't know' and 'definitely not', we need another bit. For this, you're suggesting using IS_PRIVATE()? Hopefully, I misunderstood. thanks, Mimi -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists