Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path

From: Arjan van de Ven
Date: Thu Apr 20 2006 - 04:26:10 EST

Next message: Arjan van de Ven: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Previous message: Jens Axboe: "Re: new Areca driver in 2.6.16-rc6-mm2 appears to be broken"
In reply to: Tony Jones: "Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path"
Next in thread: Tony Jones: "Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> You are correct on calling BS in that I was wrong to refer to it as the
> "system root". When a task chroots relative to it's current namespace, we
> are interested in the path back to the root of that namespace, rather than
> to the chroot. I believe the patch as stands achieves this, albeit with
> some changing of comments.

it actually doesn't; you assume there is such a path which is not a
given. For example if your mount got lazy umounted (like hal probably
does) then it's a floating mount not one tied to any tree going to the
root of any namespace.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arjan van de Ven: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Previous message: Jens Axboe: "Re: new Areca driver in 2.6.16-rc6-mm2 appears to be broken"
In reply to: Tony Jones: "Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path"
Next in thread: Tony Jones: "Re: [RFC][PATCH 10/11] security: AppArmor - Add flags to d_path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]