Re: [PATCH] permission hook in filemap_nopage

From: jmjonesat_private
Date: Wed Feb 06 2002 - 11:02:39 PST

  • Next message: Chris Wright: "[ANNOUNCE] 2002_02_06 patch against 2.5.3"

    On Tue, 5 Feb 2002, Crispin Cowan wrote:
    
    >     * I mediate open, so that only the privileged parts of my process
    >       can open the sensitive files.
    >     * I do *not* believe that I can control the spread of file
    >       descriptors within a process, so I need to mediate access by
    >       mediating read/write.
    
    Just a query: suppose a process passes a file descriptor via IPC to
    another point in the same process?  I agree you cannot (only in my
    estimation) control this situation, without imposing certain requirements
    on the application. 
    
    Do we need read/write moderation?  I think we do.  Are all cases covered?
    
    Sincerely,
    J. Melvin Jones
    
    
    |>------------------------------------------------------
    ||  J. MELVIN JONES            jmjonesat_private 
    |>------------------------------------------------------
    ||  Microcomputer Systems Consultant  
    ||  Software Developer
    ||  Web Site Design, Hosting, and Administration
    ||  Network and Systems Administration
    |>------------------------------------------------------
    ||  http://www.jmjones.com/
    |>------------------------------------------------------
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Feb 06 2002 - 11:03:24 PST