Comment 8 for bug 1508481

Seth Arnold (seth-arnold) wrote :

I'm having trouble reviewing the patch: I'm not spotting the pattern of
which checks should be used when. I'll summarize what I'm seeing here, as
much for me in the future as anything else:

cg_getattr
- is_child_cgroup
- caller_is_in_ancestor
- fc_may_access
- caller_is_in_ancestor
- fc_may_access

cg_opendir
- caller_may_see_dir
- fc_may_access

cg_readdir
- caller_is_in_ancestor

cg_open
- caller_may_see_dir
- fc_may_access

cg_read
- fc_may_access

cg_write
- fc_may_access

cg_chown
- is_child_cgroup
- is_privileged_over

cg_chmod
- is_child_cgroup
- is_privileged_over

cg_mkdir
- caller_is_in_ancestor
- fc_may_access
- caller_is_in_ancestor

Incidentally, what prevents the controller or cgroup here from containing
shell metacharacters?

cg_rmdir
- caller_is_in_ancestor
- fc_may_access
- caller_is_in_ancestor

Does this summary look correct? Did I summarize it correctly? Does it
accurately express what needs to be done?

Thanks