Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()

From: Linus Torvalds
Date: Tue Nov 17 2020 - 18:30:21 EST

Next message: Eric Biggers: "Re: [PATCH v7 1/8] block: ensure bios are not split in middle of crypto data unit"
Previous message: KP Singh: "[PATCH bpf-next v4 2/2] bpf: Add tests for bpf_bprm_opts_set helper"
In reply to: Mimi Zohar: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Next in thread: Linus Torvalds: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 17, 2020 at 3:24 PM Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
>
> I really wish it wasn't needed.

Seriously, I get the feeling that IMA is completely mis-designed, and
is doing actively bad things.

Who uses this "feature", and who cares? Because I would suggest you
just change the policy and be done with it.

Linus

Next message: Eric Biggers: "Re: [PATCH v7 1/8] block: ensure bios are not split in middle of crypto data unit"
Previous message: KP Singh: "[PATCH bpf-next v4 2/2] bpf: Add tests for bpf_bprm_opts_set helper"
In reply to: Mimi Zohar: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Next in thread: Linus Torvalds: "Re: [RESEND][PATCH] ima: Set and clear FMODE_CAN_READ in ima_calc_file_hash()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]