On 20 May 2001, David Wagner wrote: > Chris Evans wrote: > >On Sat, 19 May 2001, Crispin Cowan wrote: > >> Does the LSM call to the permissions function specify the calling process? > > > >What about the global "current"? > > Is this safe? Is there any place in the kernel that calls sys_read() > without being in a valid user context? If it doesn't happen today, > is there a chance it might happen tomorrow (or in some loadable kernel > module outside our control)? Come to think of it, does this issue > come up anywhere else? Most syscalls code paths are generally riddled with the assumption that there is a valid user context. For example, capable() references current. The read example you highlight is interesting. I don't know of any sys_read() usages within the kernel, but some places definitely use the LSM hooked fops->read(),write(). Examples would be quota handling and process accounting. Cheers Chris _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sun May 20 2001 - 14:20:27 PDT