* Stephen Smalley (sdsat_private) wrote: > On Thu, 2003-04-24 at 09:03, Christoph Hellwig wrote: > > Hmm, what would you think of changing the xattr_trusted security > > model to fit your needs? It's so far unused outside XFS and there's > > maybe a chance changing it. > > It would require removing the capable(CAP_SYS_ADMIN) checks from the > xattr_trusted.c handler and implementing them in the capabilities > security module (and corresponding superuser tests in the dummy security > module) via the inode_setxattr and inode_getxattr hook functions. This > would then permit security modules to implement their own permission > checking logic for getxattr and setxattr calls for their attributes, and > it would allow security modules to internally call the getxattr and > setxattr inode operations without being subjected to these checks in > order to manage the attributes. Or perhaps introducing some of the CAP_MAC_* bits. In either case, it'd be nice to reuse xattr_trusted if possible, IMHO. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Apr 24 2003 - 11:41:37 PDT