On Tuesday 03 July 2007 15:49, Stephen Smalley wrote:
> So you don't actually need/use the struct file pointer; you just need a
> flag indicating whether or not access was by open file descriptor or by
> pathname?
Yes, indeed. Given that struct iattr already defines ATTR_FILE and ia_file, I
didn'
On Thu, 2007-06-28 at 20:15 +0200, Andreas Gruenbacher wrote:
> On Thursday 28 June 2007 18:12, James Morris wrote:
> > Are you trying to cater for the case where you're holding an open fd for a
> > file which has been deleted, and thus has no pathname?
>
> Yes, see the AA_CHECK_FD flag in securi
On Thursday 28 June 2007 18:12, James Morris wrote:
> Are you trying to cater for the case where you're holding an open fd for a
> file which has been deleted, and thus has no pathname?
Yes, see the AA_CHECK_FD flag in security/apparmor/main.c:aa_perm_dentry(). We
want to distinguish between the
On Tue, 26 Jun 2007, [EMAIL PROTECTED] wrote:
> Struct iattr already contains ia_file since commit cc4e69de from
> Miklos (which is related to commit befc649c). Use this to pass
> struct file down the setattr hooks. This allows LSMs to distinguish
> operations on file descriptors from operations
Struct iattr already contains ia_file since commit cc4e69de from
Miklos (which is related to commit befc649c). Use this to pass
struct file down the setattr hooks. This allows LSMs to distinguish
operations on file descriptors from operations on paths.
Signed-off-by: Andreas Gruenbacher <[EMAIL P
5 matches
Mail list logo