On Mon, 4 Jun 2001 sarnoldat_private wrote:

> A quick check of my version of the source code shows that we only have
> opaque security blobs on the binprm or binfmts stuff. Shouldn't there
> be more opaque blobs placed on objects (dentries in this case? Or
> would inodes be preferred? Both?) to allow just this sort of policy
> easily?

LSM has security blobs on inodes already, but that isn't the problem. The LSM permission hook has access to the inode, but it doesn't have any way to override a denial by the base logic (it only has a way to override a granting by the base logic). The capable() function and its LSM hook don't have access to the inode, since capabilities are merely process privileges, so the CAP_DAC_READ_SEARCH check cannot be performed based on the file's attributes.

--
Stephen D. Smalley, NAI Labs
ssmalleyat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
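As an added illustration that is not part of the thread or of the kernel: a constructed user-space model of the composition described above, in which the base DAC logic (including the CAP_DAC_READ_SEARCH override) runs first and the LSM inode permission hook is consulted only when the base grants, while the capable() hook sees only the task. The task and inode structs, the "public"/"secret" labels and the hook's policy are all hypothetical.

```c
#include <errno.h>
#include <stdbool.h>
#include <string.h>

/* Constructed user-space model of the 2001-era LSM permission composition; not kernel code.
 * Task, inode, labels and the hook policy are hypothetical. */
#define MAY_READ 4
#define CAP_DAC_READ_SEARCH 2

struct task  { int uid; unsigned long caps; };
struct inode { int uid; int mode; const char *label; /* stands in for the inode security blob */ };

/* LSM capable() hook: only process state is available here, no inode. */
static bool lsm_capable(const struct task *t, int cap) { return (t->caps >> cap) & 1UL; }

/* Base DAC logic: owner/other mode bits, then the CAP_DAC_READ_SEARCH override. */
static int base_permission(const struct task *t, const struct inode *i, int mask) {
    int bits = (t->uid == i->uid) ? (i->mode >> 6) : i->mode;
    if ((bits & mask) == mask) return 0;
    if ((mask & MAY_READ) && lsm_capable(t, CAP_DAC_READ_SEARCH)) return 0;
    return -EACCES;
}

/* Hypothetical LSM inode permission hook: would grant "public", denies "secret" to non-owners. */
int lsm_inode_permission(const struct task *t, const struct inode *i, int mask) {
    (void)mask;
    if (strcmp(i->label, "secret") == 0 && t->uid != i->uid) return -EACCES;
    return 0;
}

/* Composition as the message describes it: the hook runs only after the base grants. */
int permission(const struct task *t, const struct inode *i, int mask) {
    int rc = base_permission(t, i, mask);
    if (rc) return rc;          /* a base denial is final; the hook never sees it */
    return lsm_inode_permission(t, i, mask);
}

/* Scenario 1: mode 0600 file labelled "public"; the hook would grant, but it is never asked. */
int scenario_hook_cannot_override_denial(void) {
    struct inode f = { .uid = 1000, .mode = 0600, .label = "public" };
    struct task  t = { .uid = 1001, .caps = 0 };
    return permission(&t, &f, MAY_READ);          /* -EACCES from the base logic */
}

/* Scenario 2: CAP_DAC_READ_SEARCH passes the base check, but the hook can still deny. */
int scenario_hook_can_override_grant(void) {
    struct inode f = { .uid = 1000, .mode = 0600, .label = "secret" };
    struct task  t = { .uid = 1001, .caps = 1UL << CAP_DAC_READ_SEARCH };
    return permission(&t, &f, MAY_READ);          /* -EACCES from the hook */
}
```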
This archive was generated by hypermail 2b30 : Mon Jun 04 2001 - 12:27:36 PDT