Re: [RESEND][RFC][PATCH 2/7] implementation of LSM hooks

[Greg KH]

On Tue, Apr 18, 2006 at 01:35:48PM -0700, Crispin Cowan wrote:
> > - Ease of use should be addressed in the user interface, not by using a
> > broken kernel mechanism.   There is ongoing work to address the
> > useability of SELinux in userspace; it doesn't require changing the
> > kernel mechanism to rely on pathnames (which is broken).
> >   
> Mediating by file names rather than inodes is the fundamental place
> where we disagree.

The main problem with "mediating by file names" in Linux these days is
(as I'm sure you know) the whole fun of binds, namespaces and other
lovely things that people do with filesystems (see the fun that
ClearCase does with bind mounts on the latest 2.6 kernel for an example
of the nightmare that "file names" will cause.)

Yes, users are used to filenames, but fortunatly they don't matter to
the kernel.

> I am delighted with LSM, because it allows us to disagree without
> having to fight about it.

LSM doesn't care about filenames, but inodes.  So you both are not
disagreeing :)

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/