selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: [RFC][PATCH v3] selinux: change the handling of unk

Re: [RFC][PATCH v3] selinux: change the handling of unknown classes

From: James Morris <jmorris_at_nospam>
Date: Sun Jan 17 2010 - 22:53:33 GMT
To: Stephen Smalley <>

On Thu, 14 Jan 2010, Stephen Smalley wrote:

> Changes:
> - Handle permissive domains consistently by moving up the test for a
> permissive domain.
> - Make security_compute_av_user() consistent with security_compute_av();
> the only difference now is that security_compute_av() performs mapping
> between the kernel-private class and permission indices and the policy
> values. In the userspace case, this mapping is handled by libselinux.
> - Moved avd_init inside the policy lock.
> Based in part on a patch by Paul Moore <>.
> Reported-by: Andrew Worsley <>
> Signed-off-by: Stephen D. Smalley <>

Applied to
git:// -- James Morris <> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to with the words "unsubscribe selinux" without quotes as the message.