Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262248AbUKVR3T (ORCPT ); Mon, 22 Nov 2004 12:29:19 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262240AbUKVR2p (ORCPT ); Mon, 22 Nov 2004 12:28:45 -0500 Received: from mx1.redhat.com ([66.187.233.31]:25036 "EHLO mx1.redhat.com") by vger.kernel.org with ESMTP id S262248AbUKVRYb (ORCPT ); Mon, 22 Nov 2004 12:24:31 -0500 Date: Mon, 22 Nov 2004 12:24:21 -0500 (EST) From: James Morris X-X-Sender: jmorris@thoron.boston.redhat.com To: Stephen Smalley cc: Jeffrey Mahoney , Andrew Morton , Linus Torvalds , Linux Kernel Mailing List , ReiserFS List Subject: Re: [PATCH 2/5] selinux: adds a private inode operation In-Reply-To: <1101138640.18273.13.camel@moss-spartans.epoch.ncsc.mil> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 668 Lines: 22 On Mon, 22 Nov 2004, Stephen Smalley wrote: > Actually, I think we need a new flag field in the inode_security_struct > to explicitly mark these "private" inodes for SELinux, so that > inode_has_perm() can skip permission checking on them while still > applying checks to any other inodes that may have the kernel SID (e.g. > /proc/pid inodes for kernel threads). Agreed. - James -- James Morris - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/