On Thursday 27 April 2006 13:02, Christoph Hellwig wrote:
> On Thu, Apr 27, 2006 at 08:15:30AM +1000, Neil Brown wrote:
> > 3/ Is AppArmour's approach of using d_path to get a filename from a
> > dentry valid and acceptable?
>
> Clear no, and that should have been obvious to the aa people from the
> beginning. To make a path-based approach actually work as designed you
> need to hook up higher, where the real path is available.
What do you mean with real path? Even in open the path can be quite weird
("dir1/../dir2/../dir3/..." etc.)
I suspect it will always need to work with sanitized paths.
Starting from the dentry for that is a quite reasonable, although
d_path indeed seems quite inefficient without any caching mechanism.
-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
