> Furthermore, it would be interesting to see if we could push > some of the other attach_pathlabel hook calls down to lower-level > lookup hook calls (patterned after the i_op->lookup routine > and called after successful calls to that routine), again > with DTE being able to assign types merely based on the parent > directory's inode security object and the relative name of > the newly looked up entry. Not sure if I understand you correctly here, but if all i have is the inode and relative pathname (ie, inode for "/var/spool/mail", and name "hallyn"), that is obviously insufficient, since that prevents me assigning the same typename at points in otherwise distinct fs subtrees. For instance, for whatever reason, I might have /var/spool/mail and /usr/spool/mail as actually different directories, same security label, but want to assign a different security label to "hallyn" under each. -serge _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Mon Jul 02 2001 - 13:47:31 PDT