From: Kristian =?iso-8859-1?q?S=F8rensen?= <ks@cs.aau.dk>
To: Tetsuo Handa <from-linux-kernel@i-love.sakura.ne.jp>
Subject: Re: [RFC][2.4 PATCH] A restricted /dev filesystem.
Date: Mon, 1 Nov 2004 13:43:00 +0100
User-Agent: KMail/1.6.2
Cc: linux-kernel@vger.kernel.org
References: <200411012114.IIG42981.tSSMNOFVtPMYFGLOJ@i-love.sakura.ne.jp>
In-Reply-To: <200411012114.IIG42981.tSSMNOFVtPMYFGLOJ@i-love.sakura.ne.jp>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 8BIT
Message-Id: <200411011343.00513.ks@cs.aau.dk>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1024
Lines: 33

Hi!

I see your point to some degree...

On Monday 01 November 2004 13:15, Tetsuo Handa wrote:
> Specifications:
>
>   No regular files allowed. (since I think /dev needn't to keep regular
> files.) No hardlinks allowed. (since I think hardlinks are unused for /dev
> .)
Unless your work will be accepted in the vanilla kernel, you will might 
consider making your code a bit more generic.

E.g. these two statements of disallowing creation of hardlinks and regular 
files in /dev can easily be implemented as a LSM module (see 
include/linux/security.h). (I think) You will need to consider the hooks 
inode_create and inode_link only.


Cheers, KS.


-- 
Kristian S?rensen
- The Umbrella Project
  http://umbrella.sourceforge.net

E-mail: ipqw@users.sf.net, Phone: +45 29723816
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/