On Mon, 11 May 2009, Joel Becker wrote: > > e.g. SELinux will need to perform some checks on the operation, then > > calculate a new security context for the new file. > > Do I need to pass in preserve_security as well so SELinux knows > what the ownership check determined? Not for SELinux -- its security attributes are orthogonal to DAC, and it will perform its own checks on them. Other LSMs should operate similarly (there is also the CAP_CHOWN check which the LSM may hook), although if not, the flag can be added later if required. - James -- James Morris <jmorris@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
