Re: Changes to LSM phase 1 for audit.

From: Greg KH (gregat_private)
Date: Wed Jul 18 2001 - 10:02:10 PDT


    On Wed, Jul 18, 2001 at 09:40:27AM -0700, Casey Schaufler wrote:
    > 
    > You really want both. The fd is the name by which the process
    > refers to the object. If the file is unlinked (has a link count
    > of 0) there is no pathname which is associated with it, and
    > it would be erroneous to report the pathname which it had when
    > it was opened. We also have the case of pseudo file systems, where
    > the inode number is just as transient as the fd. A good audit
    > analysis tool is going to be able to answer queries based on fd,
    > such as "where did this Trojan Horse get stdin from?".
    > It does an audit system a lot of good to have the fd, and
    > it is trivial to provide.
    
    Since the fd is only needed for audit, can we agree that this change
    will be postponed until "stage 2"?
    
    thanks,
    
    greg k-h
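
The case raised in the quoted message, where an unlinked file has no pathname while the fd still names the object, shown as an added example that is not part of the original thread or of the LSM code. The names `audit_view`, `audit_snapshot` and `run_scenario` are hypothetical, and the code assumes a writable `/tmp`.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* What an auditor learns by comparing the fd with the open-time pathname. */
struct audit_view {
    int fd_nlink;       /* link count of the object the fd refers to */
    int path_resolves;  /* 1 if the open-time pathname still resolves */
    int same_object;    /* 1 if that pathname names the same dev/inode as the fd */
};

static int audit_snapshot(int fd, const char *path, struct audit_view *v)
{
    struct stat by_fd, by_path;
    if (fstat(fd, &by_fd) != 0) return -1;
    v->fd_nlink = (int)by_fd.st_nlink;
    v->path_resolves = (stat(path, &by_path) == 0);
    v->same_object = v->path_resolves && by_path.st_dev == by_fd.st_dev &&
                     by_path.st_ino == by_fd.st_ino;
    return 0;
}

/* scenario 0: untouched; 1: unlinked after open; 2: unlinked, then name reused */
int run_scenario(int scenario, struct audit_view *v)
{
    char path[] = "/tmp/audit_fd_demo_XXXXXX";  /* constructed sample path */
    int rc, fd = mkstemp(path);
    if (fd < 0) return -1;
    if (scenario >= 1) unlink(path);
    /* A different file now takes over the name the fd was opened under. */
    if (scenario == 2) close(open(path, O_CREAT | O_EXCL | O_WRONLY, 0600));
    rc = audit_snapshot(fd, path, v);
    close(fd);
    unlink(path);  /* clean up whatever currently holds the name */
    return rc;
}

int main(void)
{
    struct audit_view v;
    for (int s = 0; s < 3; s++)
        if (run_scenario(s, &v) == 0)
            printf("scenario %d: nlink=%d path_resolves=%d same_object=%d\n",
                   s, v.fd_nlink, v.path_resolves, v.same_object);
    return 0;
}
```

In scenario 2 the open-time pathname resolves again but to a different inode, so an audit record carrying only that pathname would attribute the process's I/O to the wrong object.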
    
    



    This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 10:07:28 PDT