On Tuesday 29 May 2007 12:46, Tetsuo Handa wrote: > But, from the pathname-based access control's point of view, > bind mount interferes severely with pathname-based access control > because it is impossible to determine which pathname was requested.
Wrong. It is very well possible to determine the path of a particular dentry (+ vfsmount) with bind mounts. > Although both pathnames point to the same object, TOMOYO focuses on the > PROCEDURE FOR REACHING AN OBJECT and being able to know the procedure is > very important. This doesn't make sense, either. With the following sequence of syscalls of processes A and B (both of them in the namespace root), A: B: mkdir("/tmp/a") chdir("/tmp/a") rename("/tmp/a", "/tmp/b") creat("f") the path being checked for the creat call must be "/tmp/b/f", even though process A never explicitly used "b". If that's not what TOMOYO is doing, then that's badly broken. Andreas - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/