* Stephen D. Smalley (sdsat_private) wrote: > > > In order to get any of those messages you will have had to access > > the object to determine that it's a directory. The access check > > will have been done (it had better!) before you go looking around > > in the object. > > Sorry, no. Type checking often occurs before any kind of permission > check to the object, whether we are talking about DAC or the LSM hook call. This is the crux of the difficulty of a standards compliant audit within the kernel. -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 14:26:38 PST