Re: SELinux and access(2), we want to know.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eric Paris wrote:
> If a process calls access("/etc/shadow", R_OK) I claim
> that we darn sure better return the same result that open("/etc/shadow",
> O_RDONLY) would return.  I'm guessing noone is going to argue that
> point.

This is actually wrong in general - and I see that several posters
have repeated it as if it's a fact.

Since the days prior to the new-fangled security models, access() is
supposed to calculate access for the _real_ user and group of the
process doing the access, whereas open() uses the _effective_ user and
group.

It is one of the things access() is useful for, in setuid/setgid programs.

It should be quite obvious that there are corresponding concepts in
modern security models, such as delegated authority, capabilities
etc. which possibly ought to apply to access(), and which possibly
affect how it's audited.

-- Jamie
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux