On Fri, Oct 19, 2001 at 03:03:52PM -0400, Serge E. Hallyn wrote: > As the lsm code stands, we cannot use (as far as I can tell) the > device major and minor numbers to decide whether to permit/deny > mounting. At the sb_ops->mount() check, we only have the device > name, which may be misleading. How would people feel about adding > a hook in fs/namespace.c:657: > > if (security_ops->sb_ops->check_sb(mnt->mnt_sb, nd)) > goto unlock; > Looks like a good place to put a hook (with Stephan's suggestion.) > I ask before submitting a patch because I get the feeling people > see lsm as being pretty set in stone... Not if people find places to put useful hooks like this one :) thanks, greg k-h _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Fri Oct 19 2001 - 13:54:22 PDT