On Tue, 22 May 2001, Chris Wright wrote: > > 1) Change the computation of acc_mode in open_namei() to retain > > the O_APPEND flag if it is in flags. In the permission() function, > > call the LSM permission security hook with this expanded access mode so > > that it can distinguish append access from write access. After calling > > the LSM permission security hook, reduce the access mode to the > > traditional read/write/execute modes before performing the normal > > Linux checking (i.e. the call to the inode permission operation > > or the call to vfs_permission). OR > > Do you have a preference? I would favor this first option. This will also require a hook in fcntl to address the situation where the O_APPEND flag is cleared on an open file descriptor. -- Stephen D. Smalley, NAI Labs ssmalleyat_private _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Tue May 29 2001 - 08:28:27 PDT