corbet-lk@eklektix.com (Jonathan Corbet) said:
[...]
> Presumably the database, as stored in the kernel, would tie to both the
> device and inode numbers. It clearly can't work with just the file name
> alone. Some sort of direct attachment to a (permanently) in-core inode or
> dentry structure probably makes the most sense - it's where you would need
> to find it when the program is executed. But, again, I've not thought
> about how you would actually implement it.
There are filesystems around (FAT comes to mind) that have nothing
inode-like on which you could pin capabilities. It is certainly possible to
overwrite a file now, and the result has the same inode as before. So the
above will have to be supplemented with extra mechanisms, which will be
security-critical. Dunno if that is feasible.
-- 
Horst von Brand vonbrand@sleipnir.valparaiso.cl
Casilla 9G, Viña del Mar, Chile +56 32 672616
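Added illustration, not part of the original message: a small user-space check of the point raised in the reply, that a record keyed on device and inode number still matches after a file is overwritten in place. It goes one step beyond the message by contrasting replacement via rename(), which yields a different inode. The `/tmp/capdemo-*` paths and all function names are constructed for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if both stat results carry the same (device, inode) key. */
static int same_key(const struct stat *a, const struct stat *b) {
    return a->st_dev == b->st_dev && a->st_ino == b->st_ino;
}

/* Truncate and rewrite an existing file; the inode is reused. */
static int overwrite_in_place(const char *path, const char *data) {
    int fd = open(path, O_WRONLY | O_TRUNC);
    if (fd < 0) return -1;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data) ? 0 : -1;
}

/* 1 if the key is unchanged although the content changed, -1 on error. */
int key_survives_overwrite(void) {
    char path[] = "/tmp/capdemo-XXXXXX";   /* constructed temp name */
    struct stat before, after;
    int rc = -1, fd = mkstemp(path);
    if (fd < 0) return -1;
    close(fd);
    if (overwrite_in_place(path, "trusted program\n") == 0 &&
        stat(path, &before) == 0 &&
        overwrite_in_place(path, "different content!\n") == 0 &&
        stat(path, &after) == 0)
        rc = same_key(&before, &after) && before.st_size != after.st_size;
    unlink(path);
    return rc;
}

/* 1 if the key is unchanged after the path is replaced via rename(). */
int key_survives_rename(void) {
    char path[] = "/tmp/capdemo-XXXXXX", repl[] = "/tmp/capdemo-XXXXXX";
    struct stat before, after;
    int rc = -1, fd = mkstemp(path);
    if (fd < 0) return -1;
    close(fd);
    if ((fd = mkstemp(repl)) >= 0) {
        close(fd);
        if (stat(path, &before) == 0 && rename(repl, path) == 0 &&
            stat(path, &after) == 0)
            rc = same_key(&before, &after);
        unlink(repl);                      /* no-op if rename succeeded */
    }
    unlink(path);
    return rc;
}
```
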
This archive was generated by hypermail 2b29 : Tue Feb 29 2000 - 21:00:14 EST