Re: c2 (or c2-like) auditing for Linux

• Previous message: Casey Schaufler: "Re: c2 (or c2-like) auditing for Linux"
• Maybe in reply to: Nathan Bardsley: "c2 (or c2-like) auditing for Linux"
• Next in thread: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"
• Reply: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"
• Reply: Casey Schaufler: "Re: c2 (or c2-like) auditing for Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> In order to get any of those messages you will have had to access
> the object to determine that it's a directory. The access check
> will have been done (it had better!) before you go looking around
> in the object.

Sorry, no.  Type checking often occurs before any kind of permission
check to the object, whether we are talking about DAC or the LSM hook call.

--
Stephen Smalley, NSA
sdsat_private

_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"
• Previous message: Casey Schaufler: "Re: c2 (or c2-like) auditing for Linux"
• Maybe in reply to: Nathan Bardsley: "c2 (or c2-like) auditing for Linux"
• Next in thread: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"
• Reply: Chris Wright: "Re: c2 (or c2-like) auditing for Linux"
• Reply: Casey Schaufler: "Re: c2 (or c2-like) auditing for Linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 11:52:18 PST