--- David Howells <[EMAIL PROTECTED]> wrote: > Casey Schaufler <[EMAIL PROTECTED]> wrote: > > > What sort of authorization are you thinking of? I would expect > > that to have been done by cachefileselinuxcontext (or > > cachefilesspiffylsmcontext) up in userspace. If you're going to > > rely on userspace applications for policy enforcement they need > > to be good enough to count on after all. > > It can't be done in userspace, otherwise someone using the cachefilesd > interface can pass an arbitrary context up.
Yes, but I would expect that interface to be protected (owned by root, mode 0400). If /dev/cachefiles has to be publicly accessable make it a privileged ioctl. > The security context has to be > passed across the file descriptor attached to /dev/cachefiles along with the > other configuration parameters as a text string. I got that. > This fd selects the > particular cache context that a particular instance of a running daemon is > using. Yes, but forgive me being slow, I don't see the problem. Casey Schaufler [EMAIL PROTECTED] -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/