Re: r-o bind in nfsd

From: Tetsuo Handa
Date: Tue Mar 25 2008 - 07:46:16 EST

Next message: Oliver Neukum: "Re: [RFC][PATCH] PM: Introduce new top level suspend and hibernation callbacks (rev. 3)"
Previous message: Balbir Singh: "Re: [RFC][-mm] Memory controller add mm->owner"
In reply to: Neil Brown: "Re: r-o bind in nfsd"
Next in thread: NeilBrown: "Re: r-o bind in nfsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello.

> Maybe some enhancement to the 'intent' structure with a similar
> effect could be done instead.
>
> Then you could, presumably, put a security hook somewhere in
> link_path_walk for those modules (like AppArmor) which want to do
> checks based on the namespace.

I think link_path_walk() is not a good place to insert new LSM hooks
for pathname based access control (AppArmor and TOMOYO) purpose because

(1) The kernel don't know what operation (open/create/truncate etc.) will be
done at the moment of link_path_walk().

(2) Not all operations call link_path_walk() before these operations
are done. For example, ftruncate() doesn't call link_path_walk().

(3) The rename() and link() operations handle two pathnames.
But, it is not possible to know both pathnames at the moment of
link_path_walk().

I think we need to introduce new LSM hooks outside link_path_walk().
http://kerneltrap.org/mailarchive/linux-fsdevel/2008/2/17/882024
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Neukum: "Re: [RFC][PATCH] PM: Introduce new top level suspend and hibernation callbacks (rev. 3)"
Previous message: Balbir Singh: "Re: [RFC][-mm] Memory controller add mm->owner"
In reply to: Neil Brown: "Re: r-o bind in nfsd"
Next in thread: NeilBrown: "Re: r-o bind in nfsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]