On Thu, 2003-04-24 at 09:03, Christoph Hellwig wrote: > Hmm, what would you think of changing the xattr_trusted security > model to fit your needs? It's so far unused outside XFS and there's > maybe a chance changing it. It would require removing the capable(CAP_SYS_ADMIN) checks from the xattr_trusted.c handler and implementing them in the capabilities security module (and corresponding superuser tests in the dummy security module) via the inode_setxattr and inode_getxattr hook functions. This would then permit security modules to implement their own permission checking logic for getxattr and setxattr calls for their attributes, and it would allow security modules to internally call the getxattr and setxattr inode operations without being subjected to these checks in order to manage the attributes. -- Stephen Smalley <sdsat_private> National Security Agency _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Apr 24 2003 - 06:50:19 PDT