Re: Determing the difference between path_walk and chdir ?

Previous message: richard offer: "Re: Minor style issue - make kerror first on authoritative hooks?"
In reply to: richard offer: "Re: Determing the difference between path_walk and chdir ?"
Next in thread: richard offer: "Re: Determing the difference between path_walk and chdir ?"
Next in thread: Stephen Smalley: "Re: Determing the difference between path_walk and chdir ?"
Reply: richard offer: "Re: Determing the difference between path_walk and chdir ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

dawat_private

richard offer  wrote:
>I don't want to keep shadow state to emulate what the kernel is doing, I
>just want to record the directory/file that has been passed to sys_chdir()
>for audit.

Ahh, ok.  I guess a number of folks have suggested that changes to LSM
made solely to support audit should be deferred, so maybe we should put
off this question for a bit.

But you raise a good point about the difficulty of unambiguously
identifying certain operations from the arguments to permission(), and
maybe there are cases where this might infringe on some useful access
control policies.  Has anyone looked at whether this is an issue to
worry about?

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module