On Thu, Apr 28, 2011 at 1:37 PM, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: > On 4/28/2011 5:35 AM, Roberto Sassu wrote: >> On Thursday, April 28, 2011 01:27:19 AM Tyler Hicks wrote: >>> On Wed Apr 27, 2011 at 01:19:55PM -0700, Casey Schaufler <casey@xxxxxxxxxxxxxxxx> wrote: >>>> On 4/27/2011 5:34 AM, Roberto Sassu wrote: > On this point I most strongly disagree. Casey, I'm glad you're trying to figure out what's going on here because I certainly don't understand all the problems! If there were some mechanism by which the 'lower' inode could be ONLY accessibly by ecyptfs kernel internals it oculd be marked IS_PRIVATE and skip all security checks on it. Then you only have SELinux security checks on the upper inode. Which seems to make sense. My problem is that this is ONLY acceptable if there is no way for userspace to directly reference the lower struct inode. Just a thought. -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
