Re: [patch] inotify, improved.

[John McCutchan]

On Fri, Jun 17, 2005 at 10:40:32AM -0600, Chris Friesen wrote:
> Robert Love wrote:
> >On Fri, 2005-06-17 at 09:37 -0600, Chris Friesen wrote:
> 
> >>On a newsgroup someone was using inotify, but was asking if there was 
> >>any way to also determine which process/user had caused the notification.
> 
> >I have been hesitant, though.  I do not want feature creep to be a
> >deterrent to acceptance into the Linux kernel.
> 
> Absolutely.
> 
> >I also think that there could be arguments about security.
> >...can we
> >say that read rights are enough for a unprivileged user to know that
> >root at pid 820 is writing the file?  I don't know.
> 
> I'm sure some reasonable rules could be determined.  Maybe you'd need to 
> be the owner of the file to get the extra info, with root able to 
> monitor everything.
> 
> Maybe there should be a way to load plugins into inotify (something like 
> netfilter) so that people load modules to send themselves whatever 
> information they want...

This is probably a good idea for the _audit_ system. Inotify was
designed to do 1 task well, and it should stay that way.

John
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/