diff for duplicates of <1516380970.3772.112.camel@linux.vnet.ibm.com> diff --git a/a/1.txt b/N1/1.txt index ec73406..63ff25b 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -51,9 +51,9 @@ performance. Some filesystems should not be evaluated, such as pseudo filesystems (eg. cgroups, sysfs, devpts, pstorefs, efivarfs, debugfs, selinux, -smack). Instead of defining a flag indicating whether or not IMA is +smack). ?Instead of defining a flag indicating whether or not IMA is applicable/supported, we should define a new flag, indicating whether -it is a pseudo filesystem. This would eliminate a large portion of at +it is a pseudo filesystem. ?This would eliminate a large portion of at least the builtin IMA policy rules. > > I'm also wondering if this change should be @@ -65,3 +65,8 @@ least the builtin IMA policy rules. The flag and FUSE usage of the flag, separately from IMA. Mimi + +-- +To unsubscribe from this list: send the line "unsubscribe linux-security-module" in +the body of a message to majordomo at vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/a/content_digest b/N1/content_digest index 8697c82..6869bd8 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,24 +1,10 @@ "ref\020180116151000.443-1-alban@kinvolk.io\0" "ref\01516310702.3772.11.camel@linux.vnet.ibm.com\0" "ref\0CADZs7q4StoPLD4-CSXp5DkgPh29vrZWjayTAYkMAsrDychLOoQ@mail.gmail.com\0" - "From\0Mimi Zohar <zohar@linux.vnet.ibm.com>\0" - "Subject\0Re: [RFC PATCH v2] ima,fuse: introduce new fs flag FS_NO_IMA_CACHE\0" + "From\0zohar@linux.vnet.ibm.com (Mimi Zohar)\0" + "Subject\0[RFC PATCH v2] ima,fuse: introduce new fs flag FS_NO_IMA_CACHE\0" "Date\0Fri, 19 Jan 2018 11:56:10 -0500\0" - "To\0Alban Crequy <alban@kinvolk.io>\0" - "Cc\0Alban Crequy <alban.crequy@gmail.com>" - " Iago L\303\263pez Galeiras <iago@kinvolk.io>" - Dongsu Park <dongsu@kinvolk.io> - LKML <linux-kernel@vger.kernel.org> - linux-integrity@vger.kernel.org - linux-security-module@vger.kernel.org - linux-fsdevel@vger.kernel.org - Miklos Szeredi <miklos@szeredi.hu> - Alexander Viro <viro@zeniv.linux.org.uk> - Dmitry Kasatkin <dmitry.kasatkin@gmail.com> - James Morris <james.l.morris@oracle.com> - Serge E. Hallyn <serge@hallyn.com> - Seth Forshee <seth.forshee@canonical.com> - " Christoph Hellwig <hch@infradead.org>\0" + "To\0linux-security-module@vger.kernel.org\0" "\00:1\0" "b\0" "On Fri, 2018-01-19 at 11:35 +0100, Alban Crequy wrote:\n" @@ -74,9 +60,9 @@ "\n" "Some filesystems should not be evaluated, such as pseudo filesystems\n" "(eg. cgroups, sysfs, devpts, pstorefs, efivarfs, debugfs, selinux,\n" - "smack). Instead of defining a flag indicating whether or not IMA is\n" + "smack). ?Instead of defining a flag indicating whether or not IMA is\n" "applicable/supported, we should define a new flag, indicating whether\n" - "it is a pseudo filesystem. This would eliminate a large portion of at\n" + "it is a pseudo filesystem. ?This would eliminate a large portion of at\n" "least the builtin IMA policy rules.\n" "\n" "> > I'm also wondering if this change should be\n" @@ -87,6 +73,11 @@ "\n" "The flag and FUSE usage of the flag, separately from IMA.\n" "\n" - Mimi + "Mimi\n" + "\n" + "--\n" + "To unsubscribe from this list: send the line \"unsubscribe linux-security-module\" in\n" + "the body of a message to majordomo at vger.kernel.org\n" + More majordomo info at http://vger.kernel.org/majordomo-info.html -d6350120d4ccb47be271b42fbf9d5263d04c059e2768ac4f373c00370c126b83 +354832c6e61e4549fad7fe139da48756d5a1317a862cb94e8ec9bb26f5bc2d3c
diff --git a/a/1.txt b/N2/1.txt index ec73406..8af9bdc 100644 --- a/a/1.txt +++ b/N2/1.txt @@ -51,9 +51,9 @@ performance. Some filesystems should not be evaluated, such as pseudo filesystems (eg. cgroups, sysfs, devpts, pstorefs, efivarfs, debugfs, selinux, -smack). Instead of defining a flag indicating whether or not IMA is +smack). Instead of defining a flag indicating whether or not IMA is applicable/supported, we should define a new flag, indicating whether -it is a pseudo filesystem. This would eliminate a large portion of at +it is a pseudo filesystem. This would eliminate a large portion of at least the builtin IMA policy rules. > > I'm also wondering if this change should be diff --git a/a/content_digest b/N2/content_digest index 8697c82..0baddec 100644 --- a/a/content_digest +++ b/N2/content_digest @@ -74,9 +74,9 @@ "\n" "Some filesystems should not be evaluated, such as pseudo filesystems\n" "(eg. cgroups, sysfs, devpts, pstorefs, efivarfs, debugfs, selinux,\n" - "smack). Instead of defining a flag indicating whether or not IMA is\n" + "smack). \302\240Instead of defining a flag indicating whether or not IMA is\n" "applicable/supported, we should define a new flag, indicating whether\n" - "it is a pseudo filesystem. This would eliminate a large portion of at\n" + "it is a pseudo filesystem. \302\240This would eliminate a large portion of at\n" "least the builtin IMA policy rules.\n" "\n" "> > I'm also wondering if this change should be\n" @@ -89,4 +89,4 @@ "\n" Mimi -d6350120d4ccb47be271b42fbf9d5263d04c059e2768ac4f373c00370c126b83 +6519dcccba13b49abf8c59750652df1c5d68c61ec29e36ca9b0378436dd0450b
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.