[redhat-lspp] getattr and mls
Clarkson, Mike R (US SSA)
mike.clarkson at baesystems.com
Thu Nov 15 19:30:16 UTC 2007
Is there a compelling reason to protect the getattr permission with mls
constraints?
The RHEL5 policy treats the gettattr the same way read is treated with
respect to mls constraints. What information that may be classified is
being protected? The only thing that I can think of is the file name,
and you need the file name to get the attributes of the file anyway (or
maybe there is a way to get the attributes using only the inode?)
Thanks
More information about the redhat-lspp
mailing list