Re: [PATCH-RFC] code for raceless /sys/fs/foofs/*

From: Valdis . Kletnieks
Date: Thu May 06 2004 - 12:17:43 EST

Next message: Niccolo Rigacci: "2Gb file size limit on 2.4.24, LVM and ext3?"
Previous message: Dave Hansen: "RE: [2.6.6 PATCH] Exposing EFI memory map"
In reply to: Nikita Danilov: "Re: [PATCH-RFC] code for raceless /sys/fs/foofs/*"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 06 May 2004 20:35:37 +0400, Nikita Danilov said:

> But isn't this a problem with sysfs in general? Restricted process still
> observes all devices, busses, etc. through /sys. If such information is
> sensitive, shouldn't there be some way to selectively mount only
> portions of kobject trees?

Alternatively, there's a nice security module infrastructure - use that to
restrict who can view given subtrees of /sys. Currently, SELinux is able
to slice-n-dice the /proc filesystem for different accesses, but code
would need to be written to do it for /sys.

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Niccolo Rigacci: "2Gb file size limit on 2.4.24, LVM and ext3?"
Previous message: Dave Hansen: "RE: [2.6.6 PATCH] Exposing EFI memory map"
In reply to: Nikita Danilov: "Re: [PATCH-RFC] code for raceless /sys/fs/foofs/*"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]