On Tue, Jul 24, 2018 at 07:42:08PM -0400, riya khanna wrote:
> Thanks Valdis!
>
> I'm trying to enforce path-based access policies inside a file system
Look at how the apparmor code does it, that's the best solution here.
thanks,
greg k-h
___
Thanks Valdis!
I'm trying to enforce path-based access policies inside a file system
Dir to be excluded is specified during mount time:
mount -t fs -oexclude=/home/user/.ssh /home/user /home/user
When an application invokes an open() sys call, the control is transferred
to fs lookup function:
On Tue, 24 Jul 2018 16:59:27 -0400, riya khanna said:
> I'm trying to understand what prevents TOCTTOU race conditions in
> dentry_path_raw and link_path_walk? What happens when somebody points a
> symlink path component from a dir that the attacker is allowed to read to
> a dir that they
Hi,
I'm trying to understand what prevents TOCTTOU race conditions in
dentry_path_raw and link_path_walk? What happens when somebody points a
symlink path component from a dir that the attacker is allowed to read to
a dir that they are not allowed to read while link_path_walk() is doing its