Re: [AppArmor 19/45] Add struct vfsmount parameters to vfs_rename()

[Al Viro]

On Fri, Oct 26, 2007 at 11:23:53AM -0700, John Johansen wrote:

> In the current code, both vfsmounts are always identical, and so one of
> the two should go, agreed.
> 
> The thought behind passing both vfsmounts was that they could differ but
> point to the same super_block, in which case renames would still be
> possible at least from a filesystem point of view. The essential
> restriction here is that both files must be on the same device; the vfs
> restriction of not allowing cross-mount renames is arbitrary.

It's called "access control".  Pathname-based one, BTW.  And yes, it's
100% deliberate.

> Cross-mount renames are not allowed currently, and granted, they may not
> be very useful, either.

<raised brows>
Excuse me, but IIRC LSM was supposed to _add_ restrictions, not to remove
existing security checks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/