El mar, 08-02-2005 a las 16:15 -0800, Chris Wright escribió: > * Lorenzo Hernández García-Hierro (lorenzo@private) wrote: > > As commented yesterday, I was going to release a few more hooks for some > > *critical* syscalls, this one adds a hook to sys_chmod(), and makes us > > able to apply checks and logics before releasing the operation to > > sys_chmod(). > > This is exactly the kind of hook we've tried to avoid. This is really > asking for permission to alter inode attribute data. This type of > hook is incomplete because there are other ways to alter this data, > and this access is already controlled by the inode_setattr hook (as > Tony mentioned). So this is a no go. Right, the patch is no longer available as notify_change grabs the inode_setattr hook returned data. Did you checked the other one on sys_chroot()? (I've updated it a day or so ago). Cheers, thanks for commenting on it. -- Lorenzo Hernández García-Hierro <lorenzo@private> [1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
This archive was generated by hypermail 2.1.3 : Wed Feb 09 2005 - 06:11:47 PST