> > I maintain, that moving lsm hooks into callers is insane. And that's > > *the* sanest alternative that anybody has been able to come up with to > > passing down vfsmounts into the vfs. > > Not so. I showed how pathname-based security could be done *without* > passing vfsmounts down at all. Unfortunately, you weren't interested. Umm, not sure what you are referring to. Could you please give a pointer? I'm sure the apparmor developers would be more than interested in such a scheme, if it does indeed work. Thanks, Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
