Re: [patch 00/11] mount ownership and unprivileged mount syscall (v9)

view
thread

!MAILaRCHIVE_VOTE_RePLACE

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Miklos Szeredi <miklos@...>

Cc: <akpm@...>, <hch@...>, <serue@...>, <viro@...>, <linux-fsdevel@...>, <linux-kernel@...>, <sds@...>, <eparis@...>, <linux-security-module@...>

Subject: Re: [patch 00/11] mount ownership and unprivileged mount syscall (v9)

Date: Tuesday, March 18, 2008 - 7:04 pm

On Tue, 18 Mar 2008, Miklos Szeredi wrote:

quoted text> > We might need a user_mount hook which is called once the core kernel code 
> > determines that it is a a valid unprivileged mount (although the sb_mount 
> > hook will already have been called, IIUC).
> 
> Does the order matter between core code's and the security module's
> permission checks?

Yes, the model is DAC before MAC.

quoted text>  If it does, the cleanest would be to just move the
> core checks before the sb_mount hook, no?

Correct.

-- 
James Morris
<jmorris@namei.org>
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[patch 00/11] mount ownership and unprivileged mount syscall..., Miklos Szeredi, (Mon Mar 17, 4:00 pm)

Re: [patch 00/11] mount ownership and unprivileged mount sys..., James Morris, (Mon Mar 17, 6:51 pm)

Re: [patch 00/11] mount ownership and unprivileged mount sys..., Miklos Szeredi, (Tue Mar 18, 7:33 am)

Re: [patch 00/11] mount ownership and unprivileged mount sys..., James Morris, (Tue Mar 18, 7:04 pm)

Navigation

Popular discussions


linux-kernel:
Glauber de Oliveira Costa	[PATCH 08/79] [PATCH] use identify_boot_cpu
David Woodhouse	[PATCH v2] Stop pmac_zilog from abusing 8250's device numbers.
Greg Kroah-Hartman	[PATCH 002/196] Chinese: rephrase English introduction in HOWTO
Jeremy Fitzhardinge	[PATCH 30 of 31] xen: no need for domU to worry about MCE/MCA
git:

openbsd-misc:

linux-netdev:
Gerrit Renker	[PATCH 03/37] dccp: List management for new feature negotiation
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
David Miller	[GIT]: Networking
Frans Pop	svc: failed to register lockdv1 RPC service (errno 97).

Colocation donated by:

Online users

Syndicate