[RFC PATCH v9 0/3] Add introspect_access(2) (was O_MAYEXEC)
James Morris
jmorris at namei.org
Sat Sep 12 00:28:52 UTC 2020
On Thu, 10 Sep 2020, Matthew Wilcox wrote:
> On Thu, Sep 10, 2020 at 08:38:21PM +0200, Mickaël Salaün wrote:
> > There is also the use case of noexec mounts and file permissions. From
> > user space point of view, it doesn't matter which kernel component is in
> > charge of defining the policy. The syscall should then not be tied with
> > a verification/integrity/signature/appraisal vocabulary, but simply an
> > access control one.
>
> permission()?
>
The caller is not asking the kernel to grant permission, it's asking
"SHOULD I access this file?"
The caller doesn't know, for example, if the script file it's about to
execute has been signed, or if it's from a noexec mount. It's asking the
kernel, which does know. (Note that this could also be extended to reading
configuration files).
How about: should_faccessat ?
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list