1
linux/init
Al Viro 74c3cbe33b [PATCH] audit: watching subtrees
New kind of audit rule predicates: "object is visible in given subtree".
The part that can be sanely implemented, that is.  Limitations:
	* if you have hardlink from outside of tree, you'd better watch
it too (or just watch the object itself, obviously)
	* if you mount something under a watched tree, tell audit
that new chunk should be added to watched subtrees
	* if you umount something in a watched tree and it's still mounted
elsewhere, you will get matches on events happening there.  New command
tells audit to recalculate the trees, trimming such sources of false
positives.

Note that it's _not_ about path - if something mounted in several places
(multiple mount, bindings, different namespaces, etc.), the match does
_not_ depend on which one we are using for access.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2007-10-21 02:37:45 -04:00
..
calibrate.c slow down printk during boot 2007-10-16 09:42:49 -07:00
do_mounts_initrd.c Fix failure to resume from initrds 2007-09-19 11:24:17 -07:00
do_mounts_md.c [PATCH] md: remove MAX_MD_DEVS which is an arbitrary limit 2006-10-03 08:04:18 -07:00
do_mounts_rd.c sparse pointer use of zero as null 2007-10-18 14:37:31 -07:00
do_mounts.c init: wait for asynchronously scanned block devices 2007-07-16 09:05:45 -07:00
do_mounts.h Remove all inclusions of <linux/config.h> 2006-10-04 03:38:54 -04:00
initramfs.c initramfs: missing __init 2007-07-26 11:11:56 -07:00
Kconfig [PATCH] audit: watching subtrees 2007-10-21 02:37:45 -04:00
main.c spelling fixes: init/ 2007-10-20 01:28:29 +02:00
Makefile kbuild: enable 'make CFLAGS=...' to add additional options to CC 2007-10-14 22:21:35 +02:00
noinitramfs.c [PATCH] disable init/initramfs.c 2007-02-11 10:51:25 -08:00
version.c [PATCH] remove many unneeded #includes of sched.h 2007-02-14 08:09:54 -08:00