Re: extended file permissions based on LSM

From: Chris Wright (chris@wirex.com)
Date: Sat Aug 31 2002 - 18:50:41 EST

Next message: Milton Miller: "Re: Linux kernel lockup with BVM SCSI controller on MCPN765 PPC board"
Previous message: Alessandro Suardi: "2.5.33: LOG macro in cpia.c broken"
In reply to: Gabor Kerenyi: "extended file permissions based on LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Gabor Kerenyi (wom@tateyama.hu) wrote:
> Hi!
>
> I'm looking around the LSM module and I know it has got some
> functions for the filesystem part. Well, it looks good, but the
> permission thing is not enough. In fact it's enough to check
> the permission of an inode, but I'd like to check permissions
> for a dentry AND its inode at the same place and time.

We are anticipating VFS changes that include passing a dentry/vfsmount
pair to the permission check. This gives you both the inode as well as
the point in the tree the user is accessing the inode.

thanks,
-chris

-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Milton Miller: "Re: Linux kernel lockup with BVM SCSI controller on MCPN765 PPC board"
Previous message: Alessandro Suardi: "2.5.33: LOG macro in cpia.c broken"
In reply to: Gabor Kerenyi: "extended file permissions based on LSM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Aug 31 2002 - 22:00:34 EST