[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] (#6 U1) the latest incarnation



On Friday 25 March 2005 07:04 am, Stephen Smalley wrote:
> Alternatively, you could just view "rename", "link", and "unlink" as
> another form of write, so you could pass MAY_WRITE here.

I think we should keep it simple for the time being and go with this.

>
> With regard to additional hook placement for audit_notify_watch, I think
> you likely do want to mirror the security*_post* hooks for file creation
> (create, mkdir, mknod, symlink), rename, and link with
> audit_notify_watch calls to perform notifications of such events.

I'm not entirely sure we should hook mknod or symlink.  We're not making any 
claims about the watchability of a device, or symlink with this code.  Do you 
agree?

-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]