Please don't introduce a special case for just nfs. All filesystems
should control their mount options, so please provide some library
helpers for context= handling and move it into all filesystems that
can support selinux.
-
To unsubscribe from this list: send the line unsubscribe
Just FYI: A NACK to such an addition doesn't simply go away by
ignoring it.
-
To unsubscribe from this list: send the line unsubscribe
linux-security-module in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Nov 06, 2007 at 11:52:40PM +0900, Tetsuo Handa wrote:
Hello.
Christoph Hellwig wrote:
Any code except VFS internals has no business using it at all and doesn't
do that in mainline either. I'd start looking for design bugs in whatever
code you have using it first.
Isn't
On Tue, Nov 06, 2007 at 01:00:41PM +0900, Tetsuo Handa wrote:
Hello.
I found that accessing namespace_sem from security_inode_create()
causes lockdep warning when compiled with CONFIG_PROVE_LOCKING=y .
Any code except VFS internals has no business using it at all and doesn't
do that in
On Fri, Oct 26, 2007 at 07:37:21AM -0700, Arjan van de Ven wrote:
before going into the LSM / security side of things, I'd like to get
the VFS guys to look at your VFS interaction code.
It's been NACKed a few times, and just reposting it won't help.
-
To unsubscribe from this list: send the
On Sun, Sep 30, 2007 at 01:16:18AM -0700, Andrew Morton wrote:
reviewed the August thread from your version 1 submission and the message I
take away is that the code has been well-received and looks good when
considered on its own merits, but selinux could probably be configured to
do
On Sat, Apr 21, 2007 at 09:04:06PM +0200, Andreas Gruenbacher wrote:
It is unspecified whether all members of the statvfs structure have
meaningful values on all file systems.
In my opinion, the advantage of not reporting bogus pathnames in /proc/mounts
by far outweighs the problems is
On Mon, Apr 16, 2007 at 06:29:20PM +0200, Andreas Gruenbacher wrote:
enum { MAX_NESTED_LINKS = 8 };
+/**
+ * Fields shared between nameidata and nameidata2 -- nameidata2 could
+ * be embedded in nameidata, but then the vfs code would become
+ * cluttered with dereferences.
you could use
On Mon, Apr 16, 2007 at 06:40:41PM +0200, Andreas Gruenbacher wrote:
On Monday 16 April 2007 18:21, Christoph Hellwig wrote:
But anyway, creating fake nameidata structures is not really helpful.
If there is a nameidata passed people expect it to be complete, and
if you pass them to an LSM
On Mon, Feb 05, 2007 at 07:20:35PM -0800, Andreas Gruenbacher wrote:
It's actually not hard to fix, and nfsd would look a little less weird. But
what would this add, what do pathnames mean in the context of nfsd, and would
nfsd actually become less weird?
It's not actually a pathname we care
On Tue, Feb 06, 2007 at 12:51:52AM -0800, Trond Myklebust wrote:
Who cares? There is no way to export a partial directory, and in any
case the subtree_check crap is borken beyond repair (see cross-directory
renames which lead to actual changes to the filehandle - broken, broken,
broken).
On Mon, Feb 05, 2007 at 06:13:26PM -0800, Andreas Gruenbacher wrote:
On Monday 05 February 2007 10:44, Christoph Hellwig wrote:
Looking at the actual patches I see you're lazy in a lot of places.
Please make sure that when you introduce a vfsmount argument somewhere
that it is _always_
12 matches
Mail list logo