I've incorporated Stephen's suggestions but the superblock (sb) is not available until after the quotactl hook so I added it to the quota_on hook instead. --- Lachlan McIlroy Phone: +61 3 9596 4155 Trusted Linux Fax: +61 3 9596 2960 Adacel Technologies Ltd www.adacel.com > -----Original Message----- > From: Stephen Smalley [mailto:sdsat_private] > Sent: Monday, August 27, 2001 11:57 PM > To: Lachlan McIlroy > Cc: linux-security-moduleat_private > Subject: Re: quotactl hook > > > > On Mon, 27 Aug 2001, Lachlan McIlroy wrote: > > > Attached is a patch to add a hook to the quotactl() > > system call. The hook has been made authoritative as > > that seems to be the direction that LSM is heading. Any > > feedback/opinions/comments would be greatly appreciated... > > Why not pass the 'id' parameter as well, so that the module > can perform access control on the particular user or group > identity? Also, why not pass the 'sb' parameter (although > the module would need to be careful, because it may be NULL) > so that the module can perform access control based on > the particular file system? Finally, it would be nice to > also have a hook in quota_on after the filp_open so that > the module can control what files are used as quota files. > > -- > Stephen D. Smalley, NAI Labs > ssmalleyat_private > > > > > >
This archive was generated by hypermail 2b30 : Tue Aug 28 2001 - 18:58:20 PDT