On Tuesday 29 May 2007 12:46, Tetsuo Handa wrote:
> But, from the pathname-based access control's point of view,
> bind mount interferes severely with pathname-based access control
> because it is impossible to determine which pathname was requested.
Wrong. It is very well possible to determine the path of a particular dentry
(+ vfsmount) with bind mounts.
> Although both pathnames point to the same object, TOMOYO focuses on the
> PROCEDURE FOR REACHING AN OBJECT and being able to know the procedure is
> very important.
This doesn't make sense, either. With the following sequence of syscalls of
processes A and B (both of them in the namespace root),
A: B:
mkdir("/tmp/a")
chdir("/tmp/a")
rename("/tmp/a", "/tmp/b")
creat("f")
the path being checked for the creat call must be "/tmp/b/f", even though
process A never explicitly used "b". If that's not what TOMOYO is doing, then
that's badly broken.
Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
