On Mon, 23 Sept 2024 at 04:03, Jan Kara <jack@xxxxxxx> wrote:
>
> * The implementation of the pre-content fanotify events. T
I pulled this, and then I decided to unpull.
I don't see what the permissions for this thing are, and without
explanations for why this isn't a huge security issue, I'm not pulling
it.
Maybe those explanations exist elsewhere, but they sure aren't in the
pull request.
IOW, I want to know where the code is that says "you can't block root
processes doing accesses to your files" etc. Or things like "oh, the
kernel took a page fault while holding some lock, what protects this
from being misused"?
And if that code doesn't exist, there's no way in hell we're pulling this. Ever.
IOW, where is the "we don't allow unprivileged groups to do this" code?
Because:
> These events are
> sent before read / write / page fault and the execution is paused until
> event listener replies similarly to current fanotify permission events.
Permission events aren't allowed for unprivileged users. I want to
make sure people have thought about this, and I need to actually see
this talked about in the pull request.
Linus
