* Omen Wild (Omen.Wildat_private) wrote: > > So, new questions. If file_permission gets called for every read/write > call, is there an easy way to detect the very first call? Aside from recording it in your filp->security blob, no. > If I tap file_permission will that cover all ways for a > file/program/library to get loaded or executed? Hrm, these are mmap(2)'d. > I guess the hook I really want is a file_open hook, but that seems to > be inode_permission, which does not seem to be the hook I want. Ack, > I'm confused. This has been a core struggle since early on in LSM. We went the route of inode's rather than path's since the inode is the actual on disk object that you care about, not necessarily the path used to get to it. thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu Jul 24 2003 - 14:24:49 PDT