[GIT PULL] Add trusted_for(2) (was O_MAYEXEC)
Linus Torvalds
torvalds at linux-foundation.org
Mon Apr 4 21:40:22 UTC 2022
On Mon, Apr 4, 2022 at 2:28 PM Linus Torvalds
<torvalds at linux-foundation.org> wrote:
>
> (4) maybe we want to add a flag for the "euid vs real uid", and that
> would be in the "flags" field, since that changes the actual *lookup*
> semantics
Duh. We already did that long ago, and it's there as AT_EACCESS.
I should have just looked at the code more closely.
But that "you didn't even check what we already do, Linus" thing just
makes it even more obvious that all of this makes perfect sense in the
confines of access() already, and a new "check _these_ protections"
should just be a new mode bit.
Linus
More information about the Linux-security-module-archive
mailing list