Re: [RFC 0/28] Patches to pass vfsmount to LSM inode security hooks

From: Stephen Smalley
Date: Wed Feb 07 2007 - 11:12:28 EST


On Wed, 2007-02-07 at 07:43 -0800, Chris Wright wrote:
> * Andreas Gruenbacher (agruen@xxxxxxx) wrote:
> > Reiserfs currently only marks the ".reiserfs_priv" directory as private, but
> > not the files below it -- how about the attached patch to fix that?
>
> I don't think that's right. Look at ->create or ->lookup. Both of those
> properly set the private flag. This patch looks like a step backwards,
> sprinkling the init in so many places.

Yes, I thought that this was already covered by the existing inheritance
of the private flag from the parent directory.

On a separate note, I believe that the current problem with using
reiserfs and selinux is just that reiserfs hasn't been updated to call
security_inode_init_security() and set the security xattr when creating
a new file; see ext3 or jfs for an example. But I don't know of anyone
using reiserfs with selinux presently.

--
Stephen Smalley
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/