[Ocfs2-devel] [RFC] The reflink(2) system call v4.
James Morris
jmorris at namei.org
Mon May 11 18:12:04 PDT 2009
On Mon, 11 May 2009, Joel Becker wrote:
> > e.g. SELinux will need to perform some checks on the operation, then
> > calculate a new security context for the new file.
>
> Do I need to pass in preserve_security as well so SELinux knows
> what the ownership check determined?
Not for SELinux -- its security attributes are orthogonal to DAC, and it
will perform its own checks on them.
Other LSMs should operate similarly (there is also the CAP_CHOWN check
which the LSM may hook), although if not, the flag can be added later if
required.
- James
--
James Morris
<jmorris at namei.org>
More information about the Ocfs2-devel
mailing list