inotify_rm_watch behavior

Eduardo Madeira Fleury efleury at br.ibm.com
Mon Sep 11 18:05:24 UTC 2006


Hey all,

I'm doing some tests and currently inotify_rm_watch is not performing any 
permission checks, i.e., an ordinary user can remove a watch set by root on a 
file with root:root 400 permission.

Is this the expected behavior? Seems like neither MAC nor MLS checks are being 
done.

Regards,
-- 
Eduardo M. Fleury
IBM Linux Technology Center Brazil
Mobile: +55-19-81224410
email/sametime: efleury at br.ibm.com
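
A check that can be run alongside the report above (an added example, not part of the original post): it exercises only the scoping of inotify_rm_watch to the inotify descriptor passed in, not DAC, MAC or MLS. The function name and the temporary file are constructed for the illustration.

```c
/* Added example: constructed check, not code from the original post. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/inotify.h>
#include <unistd.h>

/* Returns 0 when inotify_rm_watch is scoped to the inotify fd it is given:
 *   - removal through an unrelated inotify instance fails with EINVAL,
 *   - the watch is still present and removable through its own instance,
 *   - that removal queues IN_IGNORED for the same watch descriptor.
 * Returns the number of the first step that gave an unexpected result. */
int check_rm_watch_scope(void)
{
    char path[] = "/tmp/rmwatch-XXXXXX";        /* constructed sample file */
    char buf[sizeof(struct inotify_event) + 256]
        __attribute__((aligned(__alignof__(struct inotify_event))));
    struct inotify_event *ev = (struct inotify_event *)buf;
    int rc = 0, owner = -1, other = -1, wd, tmp;
    ssize_t n;

    if ((tmp = mkstemp(path)) < 0) return 1;
    owner = inotify_init1(IN_NONBLOCK);          /* instance holding the watch */
    other = inotify_init1(IN_NONBLOCK);          /* unrelated instance */
    if (owner < 0 || other < 0) { rc = 2; goto out; }

    if ((wd = inotify_add_watch(owner, path, IN_MODIFY)) < 0) { rc = 3; goto out; }

    /* Same wd number, wrong instance: must be rejected, watch must survive. */
    errno = 0;
    if (inotify_rm_watch(other, wd) != -1 || errno != EINVAL) { rc = 4; goto out; }

    /* Holder of the owning fd removes it; no check against the file's mode. */
    if (inotify_rm_watch(owner, wd) != 0) { rc = 5; goto out; }

    /* Removal is visible to anyone reading the owning fd as IN_IGNORED. */
    n = read(owner, buf, sizeof buf);
    if (n < (ssize_t)sizeof *ev || ev->wd != wd || !(ev->mask & IN_IGNORED)) rc = 6;
out:
    if (owner >= 0) close(owner);
    if (other >= 0) close(other);
    close(tmp);
    unlink(path);
    return rc;
}

int main(void)
{
    int rc = check_rm_watch_scope();
    printf("rm_watch scope check: %s (step %d)\n", rc ? "UNEXPECTED" : "ok", rc);
    return rc;
}
```

A process watching its own inotify descriptor can treat an IN_IGNORED event it did not request as a signal that another holder of the same descriptor removed the watch.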




More information about the Linux-audit mailing list