[LinuxPPS] 14 Feb 16:10 - [PATCH] sysctl: hide the sysctl proc
inodes from selinux
linuxpps: Eric W. Biederman <>
webmaster at enneenne.com
Fri Feb 16 19:00:07 CET 2007
[PATCH] sysctl: hide the sysctl proc inodes from selinux
Since the security checks are applied on each read and write of a sysctl file,
just like they are applied when calling sys_sysctl, they are redundant on the
standard VFS constructs. Since it is difficult to compute the security labels
on the standard VFS constructs we just mark the sysctl inodes in proc private
so selinux won't even bother with them.
Signed-off-by: Eric W. Biederman
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
fs/proc/proc_sysctl.c
URL: http://gitweb.enneenne.com/?p=linuxpps;a=commit;h=86a71dbd3e81e8870d0f0e56b87875f57e58222b
More information about the LinuxPPS
mailing list