On Fri, Jul 20, 2001 at 11:45:36AM -0400, Serge E. Hallyn wrote:
>
> Not at all. The dentry list is systemwide. If /dev/mouse is a link to
> /dev/psaux, and the process accesses /dev/psaux, while another process
> accesses /dev/mouse, the inode has two entries on its dentry/d_alias
> list.

I agree. But in this case there is a link. And the "profile" or whatever
your security model uses had better know about the fact that there is a
link from /dev/mouse to /dev/psaux on the system if it wants to be able to
control access to /dev/psaux.

Actually, since /dev/mouse is a soft link to /dev/psaux, I think the
dentry path might show up as /dev/psaux, but I'm not sure... I haven't
messed with that code in a long time.

> Now, again, attach_pathlabel does no better, unless you attach multiple
> labels to each inode as I've mentioned previously in private. Not pretty.
>
> I'm starting to wonder how this was originally implemented...

For SubDomain? They were hooks in namei.c that were called before
permission() was called, and a dentry was passed in that hook.

Personally I like the permission() hook much better. Only one entry point
that catches a whole lot more things than the original SubDomain hooks
did. The whole inode/dentry issue is worth it to get better protection
IMHO.

greg k-h

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
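The point argued in the message above (an inode reached through a hard link has more than one name, so a label keyed on a path name sees only one of them, whereas a symlink is resolved away during lookup and ends up pointing at the target's name) can be shown from user space. The script below is an added example, not code from this thread, from SubDomain or from the LSM tree. It builds a constructed directory with a regular file standing in for /dev/psaux, a hard link and a symlink to it (devices need no privileges this way), and compares a toy path-keyed policy with an inode-keyed one. The names build_tree, path_key, inode_key, decide and run_demo are the example's own.

```python
import os
import tempfile
from pathlib import Path


def build_tree(root):
    """Constructed layout: 'psaux' stands in for /dev/psaux, with one hard
    link and one symlink playing the role of /dev/mouse."""
    target = Path(root) / "psaux"
    target.write_bytes(b"")
    hard = Path(root) / "mouse_hard"
    os.link(target, hard)            # second dentry alias, same inode
    soft = Path(root) / "mouse_soft"
    os.symlink(target, soft)         # a name that resolves to 'psaux'
    return target, hard, soft


def path_key(path):
    """Key a policy on the name left after symlink resolution. A symlink's
    own name disappears here, but a hard link keeps its own name."""
    return os.path.realpath(path)


def inode_key(path):
    """Key a policy on the object itself, as an inode-level hook would.
    os.stat follows symlinks, like the open() path walk."""
    st = os.stat(path)
    return (st.st_dev, st.st_ino)


def decide(policy, key_fn, path):
    """Return 'deny' if the policy has an entry for this key, else 'allow'."""
    return policy.get(key_fn(path), "allow")


def run_demo():
    """Deny access to the target under both models and try every name."""
    with tempfile.TemporaryDirectory() as root:
        target, hard, soft = build_tree(root)
        path_policy = {path_key(target): "deny"}
        inode_policy = {inode_key(target): "deny"}
        results = {}
        for name, p in (("target", target), ("hardlink", hard), ("symlink", soft)):
            results[name] = {
                "path": decide(path_policy, path_key, p),
                "inode": decide(inode_policy, inode_key, p),
            }
        # how many names the inode is reachable by (the d_alias count here)
        results["aliases"] = os.stat(target).st_nlink
        return results


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:9} {verdict}")
```

Running it shows the asymmetry: the symlink is denied under both models because lookup turns it into the target's name, but the hard link slips past the path-keyed policy and is only caught when the decision is keyed on the inode, which is the coverage argument for mediating in permission() rather than on a dentry name.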
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 09:09:27 PDT