Re: quotactl hook

From: David Wagner (dawat_private)
Date: Wed Sep 05 2001 - 12:15:54 PDT

  • Next message: Greg KH: "Re: quotactl hook"

    richard offer  wrote:
    >capable() is not a substitute for authoritative hooks, there is
    >insufficient information available inside the hook on which to make any
    >decision that is more complex than "is this process running with
    >privilege".
    
    I think possibly there is a misunderstanding here.  The idea is not that
    the capable() hook would make the decision; it wouldn't, in Smalley's
    proposal.  Instead, the capable() hook would always override the kernel
    checks and treat allow the file access as allowed.  Then, when the
    LSM restrictive hook is called, the restrictive hook code has all the
    information needed to make the authoritative decision, and so can make
    the final call.  In this way, it seems that you might get everything
    you want, without changing the LSM architecture.  Do you agree?
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Sep 05 2001 - 13:18:29 PDT