Re: [kernel-hardening] [PATCH 00/11] S.A.R.A. a new stacked LSM

From: Serge E. Hallyn
Date: Thu Jul 13 2017 - 15:51:11 EST


Quoting Mimi Zohar (zohar@xxxxxxxxxxxxxxxxxx):
> On Thu, 2017-07-13 at 08:39 -0400, Matt Brown wrote:
> The question is really, from a security perspective, which is better?
>  Obviously, as v2 of the patch set changed from using pathnames to
> inodes, it's pretty clear that I think inodes would be better.  Kees,
> Serge, Casey any comments?

Yes, inode seems clearly better. Paths are too easily worked around.