From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andreas Gruenbacher Subject: Re: [RFC 0/28] Patches to pass vfsmount to LSM inode security hooks Date: Wed, 7 Feb 2007 01:04:24 -0800 Message-ID: <200702070104.24450.agruen@suse.de> References: <20070205182213.12164.40927.sendpatchset@ermintrude.int.wirex.com> <200702051813.26958.agruen@suse.de> <20070206095231.GD5328@infradead.org> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Cc: Tony Jones , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, chrisw@sous-sol.org, linux-security-module@vger.kernel.org To: Christoph Hellwig , viro@zeniv.linux.org.uk Return-path: In-Reply-To: <20070206095231.GD5328@infradead.org> Content-Disposition: inline Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Tuesday 06 February 2007 01:52, Christoph Hellwig wrote: > On Mon, Feb 05, 2007 at 06:13:26PM -0800, Andreas Gruenbacher wrote: > > On Monday 05 February 2007 10:44, Christoph Hellwig wrote: > > > Looking at the actual patches I see you're lazy in a lot of places. > > > Please make sure that when you introduce a vfsmount argument somewhere > > > that it is _always_ passed and not just when it's conveniant. Yes, > > > that's more work, but then again if you're not consistant anyone > > > half-serious will laught at a security model using this infrasturcture. > > > > It may appear like laziness, but it's not. Let's look at where we're > > passing NULL at the moment: > > You know, I've tracked a lot of this down previously when I submitted > patches to add vfsmount arguments to the vfs_ helpers, just to get tought > by Al that this is a bad idea :) Hmmm, I really would like to know how else we could get at that information in the lsm hooks then. Andreas