Thanks for your comments. OK, I understood the positioning of the filename in SELinux. I wanted to confirm at first whether it was metadata or not, because it seemed a bit unclear to me. Drop the previous two patches.

>>Casey takes a deep breath...
>>
>>The filename is not an attribute of the file.
>>The pathname components are data contained
>>in directory entries. The association of path name
>>to inode number is one way. There is no association
>>of path name from file. Really. This is the thing
>>that makes audit hard.
>>
>>Yes, I know "It's obvious". It's just not true.
>
>
> The world is ending because I agree with Casey on this one...
> The filename is not an attribute of the file, and we do not want this
> type of filtering on directory reads. Use the permissions on the
> directory itself to control who can see the names it contains. It is
> the data container for the filenames.
>
> Use polyinstantiation aka Multi-Level Directories aka moldy directories
> for shared directories like /tmp.

--
KaiGai Kohei <kaigai@private>
This archive was generated by hypermail 2.1.3 : Wed Jan 04 2006 - 08:02:55 PST