Getting path in inode_permission
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Feb 6 17:51:11 EST 2015
On Sat, 07 Feb 2015 01:57:44 +0530, noyb noybee said:
> I need the path lookup data as I need to specifically block inode
> loopkups originating from a certain path
Then just make sure the inodes you don't want accessed aren't in the
namespace.
Hint: "from a certain path" is almost guaranteed to be a security hole,
because all the attacker has to do is cwd() to some different path. And
there's ../ games that can be played, and so on.
So what are you trying to protect by blocking some lookups? What's the
threat model here?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
Url : http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150206/7a17423b/attachment.bin
More information about the Kernelnewbies
mailing list