* Charles Levert (chuckat_private) wrote: > Hi everyone. > > I am working on a security module that (kind of) implements traditional > capabilities (i.e., unforgeable references, not posix-draft capabilities). > For this, I need a security hook in LSM that allows me to walk the > directory tree (in the dcache) across mountpoints if necessary, every > time a file is opened. This means I need more than just a dentry but > also the vfsmount that goes with it. One way to obtain this is to be > passed a nameidata. A similar hook was removed earlier this year in favor of the d_instatiate hook. Couple questions: 1) have you looked at the thread and verified that you dont' have the same problems? 2) can't the data that you are getting during post_lookup be associated with the inode and stored as xatrr on-disk? On a similar note, since Trond's intents patch the permission hook now has nameidata available. I'd like to update the API to use nameidata where apropos. Would this help? thanks, -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Wed Sep 03 2003 - 12:12:06 PDT