site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=KsWorDmkb0lfqyfdxG5w3/65FRmB/IeRZZG/ytJ0EwlAR2QXo3fjjf27nOM0XIQ9XKbzPTPX4GV9kJ8FD6LC+jM2W8gTKcvnvkx/MqEze6Ho6/FZROAaXskWhJtaCCq2u/pNmap+w/N9kd12rke5D2eNfqJkZipMCoxkxnRj9xg= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Is3/L2o4nT5U3yalzF3C+zeMwvt+2vFtt/paNDqR5g+pPW0cAb3x1Xzesv/Jx3h/s3SmY85CXMTLOICZ82hlYqhiFG91AyUEbYc+XE5O/wCfzSbGdE58kaGWLWFXVJnp4HbGM/Oh53J5A4SVvC1gDOGN1ngDDSsCJ5GDVmMhm+Q= First of all, thanks for the reply! As a general rule, if you think you want to initiate operations on files, file attributes, pathnames etc. from the kernel you have made a design error and need to stop and re-evaluate what you are doing. That's usually true although I don't see any other method that is more elegant - maybe you do, so let me explain what I'm trying to do : === - open() is hooked with Kauth - if there is some special extended attribute set on the opening file, handle some security issues before returning a file descriptor, else, return the proper fd. === Do you see any other way to keep track of the files handled by the security module? (please note that the extended attribute holds some meaningful data for the kernel) Sure, now we can question about the purpose of the security module, why it has to rely on userspace data, etc... but focusing on the approach I've described, do you see any other solution to keep track about which files to handle in a special manner? In almost every case, what you are trying to do should be handled in user space. I'd say this is an exception. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com