On Thursday 02 June 2005 08:43, David Woodhouse wrote:
> This is the case when you have a watch on a file but the _directory_ in
> which that file resides has disappeared -- implying that the file itself
> is actually already gone.

I don't think this matters. If you set a rule, shouldn't it exist until
deleted? Imagine the fun if iptables deleted rules when you take an interface
down and up. Also, how do you apply rules to files before mounting a
partition so there are no races?
I would imagine that the file system auditing would hook mount, mkdir, open, &
rename to see if a watch on the global list can be enabled. umount, rmdir,
unlink, rename would keep the rule on the global list, but possibly disable
it from triggering. This would follow the principle of least surprise.
-Steve