> I agree. But in this case there is a link. And the "profile" or > whatever you security model uses, had better know about the fact that > there is a link from /dev/mouse to /dev/psaux on the system if it wants > to be able to control access to /dev/psaux. Ah, yes, the page on subdomain I saw said nothing about this, but of course so long as the policy guards against both names, then even though there can be >1 dentry for the inode, they can pick either one from the dentry list in permission(). > Actually, since /dev/mouse is a soft link to /dev/psaux, I think the > dentry path might show up as /dev/psaux, but I'm not sure... I haven't > messed with that code in a long time. yeah, bad example, substitute any two real hard links. :-) Well, don't, you circumvent my argument above. -serge _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Jul 20 2001 - 09:15:27 PDT