Re: Append vs. write distinctions

From: Chris Evans (chrisat_private)
Date: Sun May 20 2001 - 14:19:21 PDT

  • Next message: Stephen Smalley: "Re: Append vs. write distinctions"

    On 20 May 2001, David Wagner wrote:
    > Chris Evans  wrote:
    > >On Sat, 19 May 2001, Crispin Cowan wrote:
    > >> Does the LSM call to the permissions function specify the calling process?
    > >
    > >What about the global "current"?
    > Is this safe?  Is there any place in the kernel that calls sys_read()
    > without being in a valid user context?  If it doesn't happen today,
    > is there a chance it might happen tomorrow (or in some loadable kernel
    > module outside our control)?  Come to think of it, does this issue
    > come up anywhere else?
    Most syscalls code paths are generally riddled with the assumption that
    there is a valid user context. For example, capable() references current.
    The read example you highlight is interesting. I don't know of any
    sys_read() usages within the kernel, but some places definitely use the
    LSM hooked fops->read(),write(). Examples would be quota handling and
    process accounting.
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Sun May 20 2001 - 14:20:27 PDT