[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] (#2) Prelim in-kernel file system auditing support



* Serge Hallyn (serue us ibm com) wrote:
> But you're looking up the parent of the file.  So if you call
> audit_insert_watch("/.autofsck"); then nd will be the nameidata for '/'.
> You're going to check that the parent is not '/', whereas before you
> were checking that the file is not '/'.  Clearly you want the latter.
> 
> That's not to say the strcmp(path, "/') will be acceptable upstream,
> though.

No, it's not.  It also doesn't mean much.  Think "///", or "../../../".
These are user strings.  If it's an issue, better compare against
something sane like resolved internal data structure.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]