From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx3-rdu2.redhat.com ([66.187.233.73]:37328 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726280AbeGKIqe (ORCPT ); Wed, 11 Jul 2018 04:46:34 -0400 From: David Howells In-Reply-To: References: <153126248868.14533.9751473662727327569.stgit@warthog.procyon.org.uk> <153126264966.14533.3388004240803696769.stgit@warthog.procyon.org.uk> <686E805C-81F3-43D0-A096-50C644C57EE3@amacapital.net> <20180711011520.GL30522@ZenIV.linux.org.uk> To: Andy Lutomirski Cc: dhowells@redhat.com, Al Viro , Linus Torvalds , Linux API , linux-fsdevel , Linux Kernel Mailing List , Jann Horn Subject: Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prepare for superblock creation [ver #9] MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <24375.1531298601.1@warthog.procyon.org.uk> Date: Wed, 11 Jul 2018 09:43:21 +0100 Message-ID: <24376.1531298601@warthog.procyon.org.uk> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Andy Lutomirski wrote: > > Umm... How about "use credentials of opener for everything"? > > If you want to audit every single filesystem for any code that uses > credentials for anything and add all the right kernel APIs and make > sure the filesystem uses them and somehow keep screwups from getting > added down the line, then okay I guess. As far as I know, we don't > even *have* an API for "open this device node using this struct cred > *". You can use override_creds() too. David