On Tue, May 12, 2009 at 08:27:17AM +1000, James Morris wrote:
> On Mon, 11 May 2009, Joel Becker wrote:
>
> > and other security attributes (in all, I'm gonna call that the "security
> > context") as well. So I defined reflink() as such. This meant
>
> "security context" is an term associated with SELinux, so you may want to
> use something like "security attributes" or "security state" to avoid
> confusing people.
Ok, I wondered if my brain had picked that out from somewhere.
> > + error = security_inode_reflink(old_dentry, dir);
> > + if (error)
> > + return error;
>
> We'll need the new_dentry now, to set up new security state before the
> dentry is instantiated.
>
> e.g. SELinux will need to perform some checks on the operation, then
> calculate a new security context for the new file.
Do I need to pass in preserve_security as well so SELinux knows
what the ownership check determined?
Joel
--
"Copy from one, it's plagiarism; copy from two, it's research."
- Wilson Mizner
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@xxxxxxxxxx
Phone: (650) 506-8127
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
