[PATCH] ima: define new policy condition based on the filesystem name

Christoph Hellwig hch at infradead.org
Mon Jan 15 17:19:14 UTC 2018

On Mon, Jan 15, 2018 at 11:40:07AM -0500, Mimi Zohar wrote:
> rootfs IS different than other filesystems, as other filesystems
> uniquely identify the underlying filesystem type.  rootfs can be a
> ramfs or tmpfs filesystem.  Only tmpfs supports xattrs.

Tons of filesystems only have xattrs optionally.  Check for goddamn
xattrs if that is the requirement and not a name that has absolutely
zero meaning for functionality.  That is the whole point!
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

More information about the Linux-security-module-archive mailing list