Re: Append vs. write distinctions

From: David Wagner (dawat_private)
Date: Sat May 19 2001 - 18:13:32 PDT


    Chris Evans wrote:
    >On Sat, 19 May 2001, Crispin Cowan wrote:
    >> Does the LSM call to the permissions function specify the calling process?
    >
    >What about the global "current"?
    
    Is this safe?  Is there any place in the kernel that calls sys_read()
    without being in a valid user context?  If it doesn't happen today,
    is there a chance it might happen tomorrow (or in some loadable kernel
    module outside our control)?  Come to think of it, does this issue
    come up anywhere else?
    
    I believe I've seen some kernel code that calls sys_*() functions
    directly, so if my memory is not failing it is possible to execute sys_*()
    syscall code by paths other than the obvious "a user process executes
    int 0x80 to request a syscall".  I don't know whether this affects other
    LSM code, either.
    
    I apologize if I'm asking a stupid question here.
    
    


