selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [RFC][PATCH v3] selinux: change the handling of unk

Re: [RFC][PATCH v3] selinux: change the handling of unknown classes

From: James Morris <jmorris_at_nospam>
Date: Sun Jan 17 2010 - 22:53:33 GMT
To: Stephen Smalley <sds@tycho.nsa.gov>


On Thu, 14 Jan 2010, Stephen Smalley wrote:

> Changes:
> - Handle permissive domains consistently by moving up the test for a
> permissive domain.
> - Make security_compute_av_user() consistent with security_compute_av();
> the only difference now is that security_compute_av() performs mapping
> between the kernel-private class and permission indices and the policy
> values. In the userspace case, this mapping is handled by libselinux.
> - Moved avd_init inside the policy lock.
>
> Based in part on a patch by Paul Moore <paul.moore@hp.com>.
>
> Reported-by: Andrew Worsley <amworsley@gmail.com>
> Signed-off-by: Stephen D. Smalley <sds@tycho.nsa.gov>

Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next -- James Morris <jmorris@namei.org> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.