On Mon, 2004-08-16 at 15:43, Serge Hallyn wrote: > > For consistency, shouldn't the same hook also be called by > > proc_pid_lookup? > > Oh, but note that the combination of security_inode_permission() and > security_task_to_inode() does achieve the same effect as enhancing > proc_pid_lookup(). It's certainly not as clean or obvious, but it might > be used an argument against it. Is the advantage of using this one hook > for both purposes sufficient motivation? Logically, I'd view "hiding /proc/pid entries" as covering both readdir and lookup, so I'd expect a single hook (and certainly a hook named task_lookup) to mediate them both. Given the existence of such a hook, we would implement it for SELinux to ensure consistent semantics, even though we already mediate lookup via security_inode_permission, as you mentioned. -- Stephen Smalley <sds@private> National Security Agency
This archive was generated by hypermail 2.1.3 : Mon Aug 16 2004 - 12:11:27 PDT