On Thu, Mar 06, 2025 at 10:04:54PM +0100, Jan Kara wrote: > On Tue 04-03-25 01:12:56, Tingmao Wang wrote: > > Alternatives > > ------------ > > > > I have looked for existing ways to implement the proposed use cases (at > > least for FS access), and three main approaches stand out to me: > > > > 1. Fanotify: there is already FAM_OPEN_PERM which waits for an allow/deny > > response from a fanotify listener. However, it does not currently have > > the equivalent _PERM for file creation, deletion, rename and linking, and > > it is also not designed for unprivileged, process-scoped use (unlike > > landlock). > > As Amir wrote, arbitration of creation / deletion / ... is not a principial > problem for fanotify and we plan to go in that direction anyway for HSM > usecase. However adjusting fanotify permission events for a per-process > scope and for unpriviledged users is a fundamental difference to how > fanotify is designed to work (it watches filesystem objects, not processes > and actions they do) and so I don't think that would be a great fit. Also I > don't see fanotify expanding in the networking area as the concepts are > rather different there :). Yes, I agree. We should take inspiration from the fanonify interface though. > > Honza > > -- > Jan Kara <jack@xxxxxxxx> > SUSE Labs, CR >
