[PATCH 1/8] ima: fix erroneous removal of security.ima xattr

2014-02-28 Thread Dmitry Kasatkin
ima_inode_post_setattr() calls ima_must_appraise() to check if the file needs to be appraised. If it does not, then it removes the security.ima xattr. With the original policy matching code it might happen that even if a file needs to be appraised with the FILE_CHECK hook, it might not be for the POST_SETATTR hook. 'security.

Re: [PATCH 1/8] ima: fix erroneous removal of security.ima xattr

2014-03-03 Thread Mimi Zohar
On Fri, 2014-02-28 at 16:59 +0200, Dmitry Kasatkin wrote:
> ima_inode_post_setattr() calls ima_must_appraise() to check if
> file needs to be appraised. If it is not then it removes security.ima
> xattr. With original policy matching code it might happen that even
> file needs to be appraised with