Re: [RFC][2.4 PATCH] A restricted /dev filesystem.

From: Kristian Sørensen
Date: Mon Nov 01 2004 - 07:54:52 EST

Next message: Russell King: "Re: [patch 5/8] serial/68360serial: replace schedule_timeout() with msleep_interruptible()"
Previous message: Neil Horman: "Re: TCP port numbers"
In reply to: Tetsuo Handa: "[RFC][2.4 PATCH] A restricted /dev filesystem."
Next in thread: Tetsuo Handa: "Re: [RFC][2.4 PATCH] A restricted /dev filesystem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

I see your point to some degree...

On Monday 01 November 2004 13:15, Tetsuo Handa wrote:
> Specifications:
>
> No regular files allowed. (since I think /dev needn't to keep regular
> files.) No hardlinks allowed. (since I think hardlinks are unused for /dev
> .)
Unless your work will be accepted in the vanilla kernel, you will might
consider making your code a bit more generic.

E.g. these two statements of disallowing creation of hardlinks and regular
files in /dev can easily be implemented as a LSM module (see
include/linux/security.h). (I think) You will need to consider the hooks
inode_create and inode_link only.

Cheers, KS.

--
Kristian Sørensen
- The Umbrella Project
http://umbrella.sourceforge.net

E-mail: ipqw@xxxxxxxxxxxx, Phone: +45 29723816
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Russell King: "Re: [patch 5/8] serial/68360serial: replace schedule_timeout() with msleep_interruptible()"
Previous message: Neil Horman: "Re: TCP port numbers"
In reply to: Tetsuo Handa: "[RFC][2.4 PATCH] A restricted /dev filesystem."
Next in thread: Tetsuo Handa: "Re: [RFC][2.4 PATCH] A restricted /dev filesystem."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]