--- linux-2.5.70-tpe/Documentation/lsm/tpe.txt 2003-06-12 15:49:19.000000000 -0700 +++ linux-2.5.70/Documentation/lsm/tpe.txt 2003-06-10 12:26:15.000000000 -0700 @@ -26,27 +26,28 @@ In short, if the path and user are both untrusted, execution will be denied. In order to actually modify the access control list for TPE, the module uses -a sysfs subsystem called tpefs. The tpefs contains two files; add and del -Performing read and write operations on the aforementioned files creates a user -to system interface that will alter the trusted list. See "Modifying the -Trusted List" below for the methods of altering the list using these files. +a pseudo filesystem called tpefs. The tpefs contains two files; trustedlistadd +and trustedlistdel. Performing read and write operations on the aforementioned +files creates a user to system interface that will alter the trusted list. See +"Modifying the Trusted List" below for the methods of altering the list using +these files. Note: The two file approach was utilized rather than a single file in order to keep the code and administration of the module simple for both the kernel and the user. Installation: 1. Recompile the kernel to include LSM and TPE as a module. -2. mount -t sysfs sysfs -3. insmod tpe.o +2. insmod tpe.ko +3. mount -t tpefs none 4. See "Modifying the Trusted List" below for instructions on how to add/delete users to/from the list. Modifying the Trusted List: -Adding a user: echo > /tpefs/add -Deleting a user: echo > /tpefs/del -Show list to userspace: cat /tpefs/add +Adding a user: echo > trustedlistadd +Deleting a user: echo > trustedlistdel +Show list to userspace: cat trustedlistadd Note: The above methods utilizing echo and cat are good examples of how to alter the list. If the user is so interested, they may utilize other methods of read/write on the files in order to perform similar actions on the list. -One example might be doing a "more /tpefs/add" in order to show the list. +One example might be doing a "more trustedlistadd" in order to show the list.