Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview

From: Andi Kleen
Date: Thu Apr 27 2006 - 07:06:07 EST

Next message: Con Kolivas: "2.6.16-ck8"
Previous message: Arnd Bergmann: "Re: Simple header cleanups"
In reply to: Christoph Hellwig: "Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Next in thread: Alan Cox: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 27 April 2006 13:02, Christoph Hellwig wrote:
> On Thu, Apr 27, 2006 at 08:15:30AM +1000, Neil Brown wrote:
> > 3/ Is AppArmour's approach of using d_path to get a filename from a
> > dentry valid and acceptable?
>
> Clear no, and that should have been obvious to the aa people from the
> beginning. To make a path-based approach actually work as designed you
> need to hook up higher, where the real path is available.

What do you mean with real path? Even in open the path can be quite weird
("dir1/../dir2/../dir3/..." etc.)

I suspect it will always need to work with sanitized paths.

Starting from the dentry for that is a quite reasonable, although
d_path indeed seems quite inefficient without any caching mechanism.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Con Kolivas: "2.6.16-ck8"
Previous message: Arnd Bergmann: "Re: Simple header cleanups"
In reply to: Christoph Hellwig: "Re: Some Concrete AppArmor Questions - was Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Next in thread: Alan Cox: "Re: [RFC][PATCH 0/11] security: AppArmor - Overview"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]