• Eric Paris's avatar
    vfs: re-introduce MAY_CHDIR · 9cfcac81
    Eric Paris authored
    Currently MAY_ACCESS means that filesystems must check the permissions
    right then and not rely on cached results or the results of future
    operations on the object.  This can be because of a call to sys_access() or
    because of a call to chdir() which needs to check search without relying on
    any future operations inside that dir.  I plan to use MAY_ACCESS for other
    purposes in the security system, so I split the MAY_ACCESS and the
    MAY_CHDIR cases.
    Signed-off-by: default avatarEric Paris <eparis@redhat.com>
    Acked-by: default avatarStephen D. Smalley <sds@tycho.nsa.gov>
    Signed-off-by: default avatarJames Morris <jmorris@namei.org>
open.c 23.6 KB