Fwd: Re: [PATCH] remove sys_security

From: Russell Coker (russellat_private)
Date: Tue Oct 29 2002 - 04:10:30 PST

    Here's an interesting message I received.  What do you think?
    
    On Thu, Oct 24, 2002 at 10:45:44AM +0200, Russell Coker wrote:
    > Currently sys_security is used to implement open_secure(),
    > mkdir_secure(), etc which do this atomically.
    
    This is just a random comment, but SE Linux could be the perfect
    pretext for adding something I've always wished for: anonymous file
    creation.  Something like
    
        fd = open("/var/log/syslog", O_ANONYMOUS);
        chmod(fd, ...);
        chown(fd, ...);
        set_xattr(fd, ...);
        write(fd, ...);
        ...
        flink(fd, "/var/log/syslog");
    
    The path in open is needed for setting defaults (eg, ACL) and for
    specifying the backing.  The flink part is poorly thought out; I'm
    sure you can think of problems with it.  But I suspect there is a
    good solution in there somewhere.
    
    It's sort of like how you create a socket before you connect it to
    anything.
    
    Given the resistance you're likely to encounter to new system calls,
    this might actually be a more efficient path to the functionality
    you want.
    
    Just my musings.
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
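
The create-unnamed, set-attributes, then-link sequence sketched in the forwarded message can be written on current Linux with O_TMPFILE (kernel 3.11 and later) and linkat(). This is an added example, not code from the thread; publish_file() is a hypothetical helper name, and it assumes /proc is mounted.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `name` inside `dir` with its final mode and contents already in
 * place. Returns 0, or -1 with errno set (EEXIST if the name is taken). */
int publish_file(const char *dir, const char *name, mode_t mode,
                 const void *buf, size_t len)
{
    char src[64], dst[4096], tmp[4096] = "";
    int rc = -1, saved;

    snprintf(dst, sizeof dst, "%s/%s", dir, name);
    /* Unnamed inode on the filesystem backing `dir`; no path reaches it. */
    int fd = open(dir, O_TMPFILE | O_WRONLY | O_CLOEXEC, 0600);
    if (fd < 0) {
        /* Filesystem without O_TMPFILE: fall back to a private 0600 name. */
        snprintf(tmp, sizeof tmp, "%s/.tmpXXXXXX", dir);
        if ((fd = mkstemp(tmp)) < 0)
            return -1;
    }
    /* All changes go through the descriptor, so a path swap cannot
     * redirect them to another file. */
    if (fchmod(fd, mode) < 0 || write(fd, buf, len) != (ssize_t)len ||
        fsync(fd) < 0)
        goto out;
    if (tmp[0]) {
        rc = link(tmp, dst);   /* fails with EEXIST, never overwrites */
    } else {
        /* The "flink" step: give the open descriptor its first name. */
        snprintf(src, sizeof src, "/proc/self/fd/%d", fd);
        rc = linkat(AT_FDCWD, src, AT_FDCWD, dst, AT_SYMLINK_FOLLOW);
    }
out:
    saved = errno;
    if (tmp[0])
        unlink(tmp);
    close(fd);
    errno = saved;
    return rc;
}

int main(void)
{
    /* Constructed sample: publishes ./example.log with mode 0640. */
    return publish_file(".", "example.log", 0640, "boot\n", 5) ? 1 : 0;
}
```

Adding O_EXCL to the O_TMPFILE open makes the kernel refuse the later linkat(), which suits scratch files that must never gain a name.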
    


