Re: Security issues with local filesystem caching
From: David Howells
Date: Wed Oct 25 2006 - 14:17:41 EST
Jeff V. Merkey <jmerkey@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Have it access them as 0.0 (root) when you change the fsuid, etc. and I think
> this would satisfy security concerns.
That's what I'm currently doing, but Christoph objected and said I'm not
allowed to change fsuid and fsgid.
That also doesn't cover the MAC issues.
> I agree that it sounds like someone needs to instrument MAC layers with this
> subsystem.
Yes.
David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/