Date: Thu, 9 Aug 2007 11:51:56 -0700 (PDT)
From: Casey Schaufler <casey@schaufler-ca.com>
Reply-To: casey@schaufler-ca.com
Subject: Re: [PATCH 09/14] CacheFiles: Permit a process's create SID to be overridden [try #2]
To: David Howells <dhowells@redhat.com>, casey@schaufler-ca.com
Cc: dhowells@redhat.com, torvalds@osdl.org, akpm@osdl.org, steved@redhat.com,
       trond.myklebust@fys.uio.no, linux-fsdevel@vger.kernel.org,
       linux-cachefs@redhat.com, nfsv4@linux-nfs.org,
       linux-kernel@vger.kernel.org
In-Reply-To: <20954.1186682862@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7BIT
Message-ID: <763414.38514.qm@web36608.mail.mud.yahoo.com>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1014
Lines: 26


--- David Howells <dhowells@redhat.com> wrote:

> Casey Schaufler <casey@schaufler-ca.com> wrote:
> 
> > This is SELinux specific funtionality and should be done in the
> > SELinux code. You should not be adding interfaces that are SELinux
> > specific, in this case using secids instead of the LSM blob interfaces.
> 
> Is using secids your only objection?  Or are you objecting to the whole
> 'act-as' concept?

My knee jerk reaction is that that is likely to be SELinux specific
behavior as well. I'm going to have to look at the patch more carefully
before I can say for sure. I will try to make a constructive proposal
once I've had the chance to think on it a little. Sorry about the terse
and unhelpful initial reaction.


Casey Schaufler
casey@schaufler-ca.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/