On Wed, Dec 08, 2010 at 02:45:27PM -0500, Eric Paris wrote: > SELinux would like to implement a new labeling behavior of newly created > inodes. We currently label new inodes based on the parent and the creating > process. This new behavior would also take into account the name of the > new object when deciding the new label. This is not the (supposed) full path, > just the last component of the path. > > This is very useful because creating /etc/shadow is different than creating > /etc/passwd but the kernel hooks are unable to differentiate these > operations. We currently require that userspace realize it is doing some > difficult operation like that and than userspace jumps through SELinux hoops > to get things set up correctly. This patch does not implement new > behavior, that is obviously contained in a seperate SELinux patch, but it > does pass the needed name down to the correct LSM hook. If no such name > exists it is fine to pass NULL. -ETOOFUCKINGUGLY... -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>