Re: [patch] inotify, improved.

From: Valdis . Kletnieks
Date: Fri Jun 17 2005 - 11:13:04 EST

Next message: Gerald Schaefer: "Re: [PATCH 1/1] SELinux: memory leak in selinux_sb_copy_data()"
Previous message: Stephen Smalley: "Re: [PATCH 1/1] SELinux: memory leak in selinux_sb_copy_data()"
In reply to: Robert Love: "Re: [patch] inotify, improved."
Next in thread: Robert Love: "Re: [patch] inotify, improved."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 17 Jun 2005 11:44:38 EDT, Robert Love said:
> I have been hesitant, though. I do not want feature creep to be a
> deterrent to acceptance into the Linux kernel. I also think that there
> could be arguments about security. Sending the event is one thing,
> telling which pid (and thus what user, etc.) caused the event is
> another. For example, we can make the argument that read rights on a
> file are tantamount to the right to receive a read event. But can we
> say that read rights are enough for a unprivileged user to know that
> root at pid 820 is writing the file? I don't know.

It's also racy as hell. By the time the inotify gets delivered to the
userspace process, pid 820 may be long gone.....

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Gerald Schaefer: "Re: [PATCH 1/1] SELinux: memory leak in selinux_sb_copy_data()"
Previous message: Stephen Smalley: "Re: [PATCH 1/1] SELinux: memory leak in selinux_sb_copy_data()"
In reply to: Robert Love: "Re: [patch] inotify, improved."
Next in thread: Robert Love: "Re: [patch] inotify, improved."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]