Re: secure computing for 2.6.7

[Stephen Smalley]

On Tue, 2004-08-03 at 17:02, Alexander Lyamin wrote:
> convinience ? speed ?
> 
> 
> RBAC is a Good Thing, but I wonder if it could provide throughout syntax analysis
> for vfs related syscalls. As it is now.
> 
> At least what declared in their docs, fs-wise they are somewhat like this
> 
> Macro Name	Description
> stat_file_perms	Permissions to call stat or access on a file.
> x_file_perms	Permissions to execute a file.
> r_file_perms	Permissions to read a file.
> rx_file_perms	Permissions to read and execute a file.
> rw_file_perms	Permissions to read and write a file.
> ra_file_perms	Permissions to read and append to a file.
> link_file_perms	Permissions to link, unlink, or rename a file.
> create_file_perms	Permissions to create, access, and delete a file.
> r_dir_perms	Permissions to read and search a directory.
> rw_dir_perms	Permissions to read and modify a directory.
> ra_dir_perms	Permissions to read and add entries to a directory.
> create_dir_perms	Permissions to create, access, and delete a directory.
> mount_fs_perms	Permissions to mount and unmount a filesystem.

I'm not sure I understand what you are trying to say.  What you list
above are common sets of permissions defined as macros for convenience,
but you still have the freedom to specify individual permissions.
  
-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/