> > We do have a good reason: r/o bind mounts and AppArmor. And please > > don't tell me, you also think that moving the security hooks to > > callers is a good idea ;) That would actually be a change with a much > > larger impact, both in terms of code duplication and of verifying > > correctness. > > I think AppArmor is a horribly stupid idea to start with, and I'm not > willing up to mess up the kernel tree for it. Well, I'd hardly call this whole patchset messing up the kernel, and you seemed to agree with most of the patches. It may come as a surprise, but all of it (as well as reviews of the r/o bind patches which found some pretty serious bugs) are because I'm trying to work on integrating AppArmor cleanly. You may consider it a stupid idea, and it may or may not be one. But please try to be a bit more constructive on the issue. Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html