On Tue, March 25, 2008 10:45 pm, Tetsuo Handa wrote:Though the 'indent' data structure could be used to carry this information. But do you want to impose path-name based controls to ftruncate? Surely once you have a file open for write (not O_APPEND), then no other permission is required to truncate the file, is it? If it is, then maybe the 'struct file' should be tagged at open time to say whether 'truncate' is allowed. Not an insolvable problem. One could imagine an implementation where a TYPE_RENAME_FROM security check produced a cookie that was consumed by a TYPE_RENAME_TO security check. The cookie could then be used by the security module to make any connection between the two names that might be appropriate. <rant> I suspect we would be much better off removing all the security hooks. Security done at that level seems to be way too complex such that most people don't really understand it. And people who don't understand security don't use it. We'd be much better off getting rid of the whole "micro-manage security" concept and provide isolation via some sort of high level container approach. </rant> NeilBrown --
| David Miller | Slow DOWN, please!!! |
| KAMEZAWA Hiroyuki | Re: 2.6.22-rc1-mm1 |
| Steven Rostedt | [RFC PATCH 1/3] Unified trace buffer |
| Steven Rostedt | [RFC PATCH 0/6] Convert all tasklets to workqueues |
git: | |
| Peter Klavins | Re: CRLF problems with Git on Win32 |
| J. Bruce Fields | Re: Git User's Survey 2007 unfinished summary continued |
| Linus Torvalds | Re: VCS comparison table |
| Junichi Uekawa | Re: [ANNOUNCE] GIT 1.5.4 |
| Arjan van de Ven | Re: [GIT]: Networking |
| Rémi | [PATCH 0/6] [RFC] Phonet pipes protocol (v2) |
| Jarek Poplawski | Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock(). |
| Jozsef Kadlecsik | Re: TCP connection stalls under 2.6.24.7 |
| Richard Stallman | Real men don't attack straw men |
| Rogier Krieger | Re: bcw(4) is gone |
| Leon Dippenaar | New tcp stack attack |
| Brandon Lee | DELL PERC 5iR slow performance |
| high memory | 5 hours ago | Linux kernel |
| semaphore access speed | 8 hours ago | Applications and Utilities |
| the kernel how to power off the machine | 9 hours ago | Linux kernel |
| Easter Eggs in windows XP | 12 hours ago | Windows |
| Shared swap partition | 13 hours ago | Linux general |
| Root password | 13 hours ago | Linux general |
| Where/when DNOTIFY is used? | 15 hours ago | Linux kernel |
| How to convert Linux Kernel built-in module into a loadable module | 17 hours ago | Linux kernel |
| Linux 2.6.24 and I/O schedulers | 18 hours ago | Linux kernel |
| USB Driver -- Interrupt Polling -- A Little Help Please | 23 hours ago | Linux general |
