Stephen Smalley wrote:
> For files, I'm not sure how to provide the same distinction
> during the open checks with LSM, since LSM merely calls
> the permission function with the read/write access mode,
> so the module has no way of knowing if O_APPEND was
> specified. I could implement some support for setting
> the S_APPEND flag on inodes based on their security
> label in accordance with the security policy, but
> that would yield different semantics - append-only
> access for all processes, not just processes with
> particular labels. Suggestions?

Does the LSM call to the permissions function specify the calling process? If so, can the SELinux module follow the reference to the calling process, and then inspect its security label, to determine whether this process is appropriately labeled for append access?

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat May 19 2001 - 14:01:22 PDT