On Wednesday 03 March 2010 14:02:58 Stephen Smalley wrote: > Should it be using has_capability_noaudit() rather than capable() so > that merely calling listxattr() on a file that happens to have trusted > xattrs does not set PF_SUPERPRIV on the task and does not trigger an > audit message? Yes, makes sense. A version of has_capability_noaudit() without an explicit task parameter, like security_capable(), would be better still. Thanks, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html