Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook | KernelTrap

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Alan Cox

Subject: Re: [AppArmor 01/41] Pass struct vfsmount to the inode_create LSM hook

Date: Saturday, May 26, 2007 - 6:34 am

> As such, AA can detect whether you did exec("gzip") or exec("gunzip")
quoted text> and apply the policy relevant to the program. It could apply different

That's not actually useful for programs which link the same binary to
multiple names because if you don't consider argv[0] as well I can run
/usr/bin/gzip passing argv[0] of "gunzip" and get one set of policies and
the other set of behaviour.

And then we have user added hardlinks of course.

-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., James Morris, (Thu May 24, 6:19 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Pavel Machek, (Thu May 24, 7:40 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Thu May 24, 11:10 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Al Viro, (Thu May 24, 11:40 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Thu May 24, 11:58 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Thu May 24, 2:56 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Thu May 24, 9:14 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Jeremy Maitin-Shepard, (Thu May 24, 10:17 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Toshiharu Harada, (Fri May 25, 1:01 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Fri May 25, 10:43 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Jeremy Maitin-Shepard, (Fri May 25, 11:10 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Jeremy Maitin-Shepard, (Fri May 25, 11:13 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Fri May 25, 12:06 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Fri May 25, 1:00 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Fri May 25, 1:27 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Tetsuo Handa, (Fri May 25, 6:40 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Fri May 25, 10:20 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Crispin Cowan, (Fri May 25, 10:27 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Sat May 26, 4:46 am)

Re: Pass struct vfsmount to the inode_create LSM hook, Tetsuo Handa, (Sat May 26, 5:09 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Sat May 26, 5:10 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Alan Cox, (Sat May 26, 6:34 am)

Re: Pass struct vfsmount to the inode_create LSM hook, Andreas Gruenbacher, (Sat May 26, 6:41 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Andreas Gruenbacher, (Sat May 26, 7:05 am)

Re: Pass struct vfsmount to the inode_create LSM hook, Tetsuo Handa, (Sat May 26, 7:44 am)

Re: Pass struct vfsmount to the inode_create LSM hook, Andreas Gruenbacher, (Sat May 26, 9:52 am)

Re: Pass struct vfsmount to the inode_create LSM hook, Kyle Moffett, (Sat May 26, 11:16 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., James Morris, (Sat May 26, 11:41 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., James Morris, (Sat May 26, 11:45 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Sat May 26, 3:58 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Toshiharu Harada, (Sat May 26, 4:08 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Valdis.Kletnieks, (Sat May 26, 6:33 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Sat May 26, 7:10 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Valdis.Kletnieks, (Sat May 26, 7:37 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Sat May 26, 10:32 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Toshiharu Harada, (Sun May 27, 12:25 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Cliffe, (Sun May 27, 1:34 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Sun May 27, 6:07 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Sun May 27, 6:35 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Casey Schaufler, (Sun May 27, 9:12 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Toshiharu Harada, (Mon May 28, 3:41 am)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Pavel Machek, (Mon May 28, 1:38 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Mon May 28, 6:54 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Kyle Moffett, (Mon May 28, 7:00 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Valdis.Kletnieks, (Tue May 29, 2:17 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Toshiharu Harada, (Tue May 29, 7:38 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Crispin Cowan, (Tue May 29, 10:52 pm)

Re: [AppArmor 01/41] Pass struct vfsmount to the inode_cre ..., Alan Cox, (Wed May 30, 3:06 am)

Navigation

Popular discussions


linux-kernel:
Greg KH	Og dreams of kernels
Jens Axboe	[PATCH 31/33] Fusion: sg chaining support
Arnd Bergmann	Re: finding your own dead "CONFIG_" variables
Mark Brown	[PATCH 2/2] Subject: natsemi: Allow users to disable workaround for DspCfg reset
Tony Breeds	[LGUEST] Look in object dir for .config
git:
Brian Downing	Re: Git in a Nutshell guide
John Benes	Re: master has some toys
Matthias Lederhofer	[PATCH 4/7] introduce GIT_WORK_TREE to specify the work tree
Alexander Sulfrian	[RFC/PATCH] RE: git calls SSH_ASKPASS even if DISPLAY is not set
Junio C Hamano	Re: Rss produced by git is not valid xml?
git-commits-head:
Linux Kernel Mailing List	iSeries: fix section mismatch in iseries_veth
Linux Kernel Mailing List	ixbge: remove TX lock and redo TX accounting.
Linux Kernel Mailing List	ixgbe: fix several counter register errata
Linux Kernel Mailing List	b43: fix build with CONFIG_SSB_PCIHOST=n
Linux Kernel Mailing List	<