Re: Adding a security parameter to VFS functions

From: Linus Torvalds
Date: Thu Aug 16 2007 - 18:59:18 EST




On Wed, 15 Aug 2007, David Howells wrote:
>
> Would you object greatly to functions like vfs_mkdir() gaining a security
> parameter? What I'm thinking of is this:
>
> int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode,
> struct security *security)

I personally consider this an affront to everythign that is decent.

Why the *hell* would mkdir() be so magical as to need something like that?

Make it something sane, like a "struct nameidata" instead, and make it at
least try to look like the path creation that is done by "open()". Or
create a "struct file *" or something.

I can imagine having "mkdir()" being passed similar data as "open()" (ie
"lookup()"), but I cannot _possibly_ imagine it ever being valid to pass
in something totally made-up to just mkdir(), and nothing else. There's
something fundamentally wrong there.

What makes mkdir() so magical?

Also, what about all the other ops? Why is mkdir() special, but not
"mknod()"? Why is "mkdir()" special, but not "rmdir()"? Really, none of
this seems to make any sense unless you describe what is so magical about
mkdir().

Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/