Re: More duplicate code, vnode locking question

To: tech-kern%netbsd.org@localhost
Subject: Re: More duplicate code, vnode locking question
From: Matthew Mondor <mm_lists%pulsar-zone.net@localhost>
Date: Tue, 21 Apr 2009 02:31:50 -0400

On Tue, 21 Apr 2009 00:25:32 +0300
Elad Efrat <elad%NetBSD.org@localhost> wrote:

>       int
>       common_mount_allowed(kauth_cred_t cred, struct vnode *vp,
>           bool vnode_locked, int mode)
>       {
>               /* if root, always allow. */
>               ...

I'm actually unsure if security level has to be taken into account at
this layer, but if so, I just want to remind that even the superuser
shouldn't be able to mount new file systems under security level >1,
which still might imply a call to kauth in uid == 0 case so the 44bsd
secmodel may enforce security level policy?

Thanks,
-- 
Matt

Follow-Ups:
- Re: More duplicate code, vnode locking question
  - From: Elad Efrat

References:
- More duplicate code, vnode locking question
  - From: Elad Efrat

Prev by Date: re: Fixing noreturn function
Next by Date: Re: Common chmod and chown routines
Previous by Thread: Re: More duplicate code, vnode locking question
Next by Thread: Re: More duplicate code, vnode locking question
Indexes:

Home | Main Index | Thread Index | Old Index