[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[Linux-cachefs] Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]

From: Casey Schaufler <casey schaufler-ca com>
To: David Howells <dhowells redhat com>, torvalds osdl org, akpm osdl org, steved redhat com, trond myklebust fys uio no
Cc: linux-fsdevel vger kernel org, linux-cachefs redhat com, nfsv4 linux-nfs org, linux-kernel vger kernel org
Subject: [Linux-cachefs] Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
Date: Thu, 9 Aug 2007 10:04:56 -0700 (PDT)

--- David Howells <dhowells redhat com> wrote:

> Make it possible for a process's file creation SID to be temporarily
> overridden
> by CacheFiles so that files created in the cache have the right label
> attached.
> 
> Without this facility, files created in the cache will be given the current
> file creation SID of whatever process happens to have invoked CacheFiles
> indirectly by means of opening a netfs file at the time the cache file is
> created.

This is SELinux specific funtionality and should be done in the
SELinux code. You should not be adding interfaces that are SELinux
specific, in this case using secids instead of the LSM blob interfaces.


Casey Schaufler
casey schaufler-ca com

Follow-Ups:
- [Linux-cachefs] Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
  - From: David Howells

References:
- [Linux-cachefs] [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
  - From: David Howells

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]