Re: [patch 01/15] security: pass path to inode_create

From: Miklos Szeredi
Date: Mon Jun 02 2008 - 07:36:26 EST

Next message: Sergei Shtylyov: "Re: [PATCH 08/21] ali14xx: convert to use ide_timing_find_mode()"
Previous message: Ingo Molnar: "Re: [PATCH 0 of 3] xen: save/restore bugfixes"
In reply to: Matthew Wilcox: "Re: [patch 01/15] security: pass path to inode_create"
Next in thread: Miklos Szeredi: "Re: [patch 01/15] security: pass path to inode_create"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > I maintain, that moving lsm hooks into callers is insane. And that's
> > *the* sanest alternative that anybody has been able to come up with to
> > passing down vfsmounts into the vfs.
>
> Not so. I showed how pathname-based security could be done *without*
> passing vfsmounts down at all. Unfortunately, you weren't interested.

Umm, not sure what you are referring to. Could you please give a
pointer? I'm sure the apparmor developers would be more than
interested in such a scheme, if it does indeed work.

Thanks,
Miklos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Sergei Shtylyov: "Re: [PATCH 08/21] ali14xx: convert to use ide_timing_find_mode()"
Previous message: Ingo Molnar: "Re: [PATCH 0 of 3] xen: save/restore bugfixes"
In reply to: Matthew Wilcox: "Re: [patch 01/15] security: pass path to inode_create"
Next in thread: Miklos Szeredi: "Re: [patch 01/15] security: pass path to inode_create"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]