[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Vnode scope implementation
On Sun, Jul 19, 2009 at 08:17:00PM +0000, David Holland wrote:
> Supporting euid 0 is a reason that kauth needs to be able to switch
> "not allowed" to "allowed", but without additional information (that
> might be fs-specific) it is likely to turn into a too-blunt hammer.
> E.g. even root isn't allowed to exec /etc/passwd, because it's not
> executable. I think this requires subdividing the fs check further...
Er wait, misread stuff, I believe it's ok.
David A. Holland
Main Index |
Thread Index |