, permission event.
This permission is needed for any watch which is of this type. Though
fanotify requires CAP_SYS_ADMIN, this is insufficient as it gives implicit
trust to root, which we do not do, and does not support least privilege.
Signed-off-by: Aaron Goidel
Acked-by: Casey Schaufler
Acked-by: Jan
On 8/12/19 11:06 AM, Paul Moore wrote:
On Fri, Aug 9, 2019 at 2:14 PM Aaron Goidel wrote:
As of now, setting watches on filesystem objects has, at most, applied a
check for read access to the inode, and in the case of fanotify, requires
CAP_SYS_ADMIN. No specific security hook or permission
On 8/12/19 9:41 AM, Jan Kara wrote:
On Sat 10-08-19 11:01:16, Paul Moore wrote:
On August 10, 2019 6:05:27 AM Amir Goldstein wrote:
Other than Casey's comments, and ACK, I'm not seeing much commentary
on this patch so FS and LSM folks consider this your last chance - if
I don't hear any
, permission event.
This permission is needed for any watch which is of this type. Though
fanotify requires CAP_SYS_ADMIN, this is insufficient as it gives implicit
trust to root, which we do not do, and does not support least privilege.
Signed-off-by: Aaron Goidel
Acked-by: Casey Schaufler
---
v2
On 8/9/19 5:06 AM, Amir Goldstein wrote:
On Thu, Aug 8, 2019 at 9:33 PM Paul Moore wrote:
On Wed, Jul 31, 2019 at 11:35 AM Aaron Goidel wrote:
As of now, setting watches on filesystem objects has, at most, applied a
check for read access to the inode, and in the case of fanotify
On 8/9/19 8:55 AM, Paul Moore wrote:
On Fri, Aug 9, 2019 at 5:06 AM Amir Goldstein wrote:
On Thu, Aug 8, 2019 at 9:33 PM Paul Moore wrote:
On Wed, Jul 31, 2019 at 11:35 AM Aaron Goidel wrote:
As of now, setting watches on filesystem objects has, at most, applied a
check for read access
, permission event.
This permission is needed for any watch which is of this type. Though
fanotify requires CAP_SYS_ADMIN, this is insufficient as it gives implicit
trust to root, which we do not do, and does not support least privilege.
Signed-off-by: Aaron Goidel
---
fs/notify/dnotify/dnotify.c
, permission event.
This permission is needed for any watch which is of this type. Though
fanotify requires CAP_SYS_ADMIN, this is insufficient as it gives implicit
trust to root, which we do not do, and does not support least privilege.
Signed-off-by: Aaron Goidel
---
v3:
- Renames mark_type to obj_type
On 7/18/19 12:16 PM, Amir Goldstein wrote:
On Thu, Jul 18, 2019 at 5:31 PM Aaron Goidel wrote:
diff --git a/fs/notify/fanotify/fanotify_user.c
b/fs/notify/fanotify/fanotify_user.c
index a90bb19dcfa2..9e3137badb6b 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify
to root, which we do not do, and does not support least privilege.
Signed-off-by: Aaron Goidel
---
v2:
- Adds support for mark_type
- Adds watch_sb and watch_mount file permissions
- Adds watch as new filesystem permission
- LSM hook now receives mark_type argument
- Changed LSM
On 7/10/19 10:55 AM, Amir Goldstein wrote:
On Wed, Jul 10, 2019 at 4:34 PM Aaron Goidel wrote:
As of now, setting watches on filesystem objects has, at most, applied a
check for read access to the inode, and in the case of fanotify, requires
CAP_SYS_ADMIN. No specific security hook
, and does not support least privilege.
Signed-off-by: Aaron Goidel
---
fs/notify/dnotify/dnotify.c | 14 +++---
fs/notify/fanotify/fanotify_user.c | 11 +--
fs/notify/inotify/inotify_user.c | 12 ++--
include/linux/lsm_hooks.h | 2 ++
include/linux