security/selinux/hooks.c:flush_unauthorized_files()

From: Christoph Hellwig
Date: Mon Sep 26 2005 - 07:58:09 EST

Next message: Rafael J. Wysocki: "Re: [PATCH 3/3][Fix] swsusp: prevent swsusp from failing if there's too many pagedir pages"
Previous message: jamal: "Re: [ANNOUNCE] Release of nf-HiPAC 0.9.0"
Next in thread: Stephen Smalley: "Re: security/selinux/hooks.c:flush_unauthorized_files()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Folks, what is this code doing in a security module?

The check for unauthorized files should really move into
flush_old_files, removing the horrible devnull hack at the same time.

The tty loop isn't in the right place either, and it seems we might
be missing a call to disassociate_tty if the current process is the
session leader. I'd suggest moving this code into fs/exec.c aswell,
aksing the security module for the actual permissions through an LSM
hook.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "Re: [PATCH 3/3][Fix] swsusp: prevent swsusp from failing if there's too many pagedir pages"
Previous message: jamal: "Re: [ANNOUNCE] Release of nf-HiPAC 0.9.0"
Next in thread: Stephen Smalley: "Re: security/selinux/hooks.c:flush_unauthorized_files()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]