Re: Where Are We?

From: Valdis.Kletnieksat_private
Date: Wed Jun 06 2001 - 10:45:07 PDT

  • Next message: Chris Lundberg: "Re: Where Are We?"

    On Wed, 06 Jun 2001 13:26:43 EDT, Stephen Smalley said:
    
    > Does "kernel logic" just mean the call to inode->i_op->permission,
    > or does it mean all of the permission routines in the various 
    > filesystem implementations?
    
    Don't forget all the *NON*-filesystem based permission checking as well.
    
    For instance, settimeofday() does checking, but never goes anywhere near
    a filesystem that I'm aware of.  And we *all* know that we want to be able
    to create a security policy that allows NTP to diddle the clock, open port
    137, and nothing else...
    -- 
    				Valdis Kletnieks
    				Operating Systems Analyst
    				Virginia Tech
    
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Wed Jun 06 2001 - 10:46:24 PDT