* Chris Wright (chrisat_private) wrote: > * Chris Evans (chrisat_private) wrote: > > > > BTW, I don't think your current hooks would catch a sendfile() operation, > > which IIRC goes through the unhooked readpage() rather than the hooked > > read() or mmap(). > > I think you are right. We mean to catch sendfile (i.e. it's on the > hotlist), but it just hasn't been added yet. actually, my verification was bogus. I looked in the interface and did not find a sendfile check. looking at the code in filemap.c we do the following verification: security_ops->file_ops->permission (in_file, MAY_READ); security_ops->file_ops->permission (out_file, MAY_WRITE); I think we're covered. -chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed May 16 2001 - 18:01:23 PDT