tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Vnode scope implementation

On Sun, Jul 19, 2009 at 08:17:00PM +0000, David Holland wrote:
 > Supporting euid 0 is a reason that kauth needs to be able to switch
 > "not allowed" to "allowed", but without additional information (that
 > might be fs-specific) it is likely to turn into a too-blunt hammer.
 > E.g. even root isn't allowed to exec /etc/passwd, because it's not
 > executable. I think this requires subdividing the fs check further...

Er wait, misread stuff, I believe it's ok.


David A. Holland

Home | Main Index | Thread Index | Old Index