mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 16:35:02 +01:00
14 lines
555 B
Text
14 lines
555 B
Text
inode_setattr hook
|
|
==================
|
|
|
|
* Reiserfs uses private directories and files for storing xattrs.
|
|
It should set ATTR_FORCE when changing attributes on these
|
|
files and directories with notify_change(). This may save us
|
|
from constructing temporary struct path objects there.
|
|
|
|
* AppArmor should check for ATTR_FORCE in its inode_setattr hook,
|
|
and should not log or deny ATTR_FORCE setattrs. SELinux does
|
|
that already as well. (For private inodes, the security_*
|
|
functions already skip the lsm hooks though, so this may be
|
|
unnecessary.)
|
|
|