--- "Timothy R. Chavez" <chavezt(a)gmail.com> wrote:
 To be honest, I haven't really considered the chroot environment.  I
 guess the check really needs to be after the lookup and I should
 check:
 
 if(nd.dentry == nd.dentry->d_parent) {
         return -EPERM;
         ....
 } 
I thought that might be what you really meant.
 The reason for this is simple.  You can't watch
 yourself.  Is this a problem? 
No worries.
 > Where does one put the ACL, MAC label, and/or
 > capability set of the file? I may not be able
 > to go get it later, as it may change or worse,
 > the file might be gone by then.
 
 I've not given this any thought.  This is on the table and needs to
 be further discussed.  Klaus?
A field that is the head of a list of
additional "information units" (tokens
in other systems) would be most general.
=====
Casey Schaufler
casey(a)schaufler-ca.com
		