Date: Thu, 13 Jul 2017 18:33:47 -0400 From: Matt Brown <matt@...tt.com> To: "Serge E. Hallyn" <serge@...lyn.com>, Mimi Zohar <zohar@...ux.vnet.ibm.com> Cc: Salvatore Mesoraca <s.mesoraca16@...il.com>, Mickaël Salaün <mic@...ikod.net>, kernel list <linux-kernel@...r.kernel.org>, linux-security-module <linux-security-module@...r.kernel.org>, Kernel Hardening <kernel-hardening@...ts.openwall.com>, Brad Spengler <spender@...ecurity.net>, PaX Team <pageexec@...email.hu>, Casey Schaufler <casey@...aufler-ca.com>, Kees Cook <keescook@...omium.org>, James Morris <james.l.morris@...cle.com> Subject: Re: [PATCH 00/11] S.A.R.A. a new stacked LSM On 7/13/17 3:51 PM, Serge E. Hallyn wrote: > Quoting Mimi Zohar (zohar@...ux.vnet.ibm.com): >> On Thu, 2017-07-13 at 08:39 -0400, Matt Brown wrote: >> The question is really from a security perspective which is better? >> Obviously, as v2 of the patch set changed from using pathnames to >> inodes, it's pretty clear that I think inodes would be better. Kees, >> Serge, Casey any comments? > > Yes, inode seems clearly better. Paths are too easily worked around. > Sounds good. Do we think a rb_tree would be better than a list to store the inodes in? Matt
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.