From: Chuck Lever <chuck.lever@oracle.com>
To: Eric Paris <eparis@redhat.com>
Cc: steved@redhat.com, trond.myklebust@fys.uio.no, hch@infradead.org,
nfs@lists.sourceforge.net, viro@zeniv.linux.org.uk,
selinux@tycho.nsa.gov, sds@tycho.nsa.gov
Subject: Re: RFC: LSM/SELinux handling of mount options
Date: Fri, 13 Jul 2007 13:00:33 -0400 [thread overview]
Message-ID: <4697AFB1.3090602@oracle.com> (raw)
In-Reply-To: <1184283693.3510.123.camel@localhost.localdomain>
[-- Attachment #1: Type: text/plain, Size: 768 bytes --]
Hi Eric -
Eric Paris wrote:
> So there are 2 overarching problems this patch set it attempting to
> solve or make later solutions easier.
>
> 1) NFS uses binary mount data (for both normal and nohide/referral
> mounts) which currently SELinux attempts to understand and use. This
> was declared a layering issue, no security module should have FS
> specific data structure knowledge. (Instead we have to put security
> module specific knowledge into the FS since the FS 'owns' the mount
> data, see below)
Please take a look at the string-ified NFS mount patches that are going
into 2.6.23. In the future we want to pass mount options for NFS mounts
via a C string instead of a binary blob. If nothing else, it will
affect your changes to fs/nfs/super.c.
[-- Attachment #2: chuck.lever.vcf --]
[-- Type: text/x-vcard, Size: 315 bytes --]
begin:vcard
fn:Chuck Lever
n:Lever;Chuck
org:Oracle Corporation;Corporate Architecture: Linux Projects Group
adr:;;1015 Granger Avenue;Ann Arbor;MI;48104;USA
email;internet:chuck dot lever at nospam oracle dot com
title:Principal Member of Staff
tel;work:+1 248 614 5091
x-mozilla-html:FALSE
version:2.1
end:vcard
[-- Attachment #3: Type: text/plain, Size: 286 bytes --]
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
[-- Attachment #4: Type: text/plain, Size: 140 bytes --]
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
prev parent reply other threads:[~2007-07-13 17:01 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-07-12 23:41 RFC: LSM/SELinux handling of mount options Eric Paris
2007-07-13 17:00 ` Chuck Lever [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4697AFB1.3090602@oracle.com \
--to=chuck.lever@oracle.com \
--cc=eparis@redhat.com \
--cc=hch@infradead.org \
--cc=nfs@lists.sourceforge.net \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=steved@redhat.com \
--cc=trond.myklebust@fys.uio.no \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox