Re: [PATCH 2/2] RFC: selinux: sysctl: fix selinux labeling broken by last patch

From: Lucian Adrian Grijincu <lucian.grijincu_at_nospam>
Date: Mon Jan 31 2011 - 17:03:49 GMT
To: Stephen Smalley <sds@tycho.nsa.gov>

On Mon, Jan 31, 2011 at 6:59 PM, Stephen Smalley <sds@tycho.nsa.gov> wrote:
> /proc/sys inode labeling was disabled earlier (hence marked S_PRIVATE)
> when /proc/sys was reimplemented by Eric, so all access control
> on /proc/sys was switched to using the sysctl hook rather than the
> inode-based checking. Â That's why you don't get a result from ls -Z
> on /proc/sys on current kernels. Â Getting actual labeling working again
> for those inodes would be a win, so your patch is an improvement in that
> regard for selinux.

Oh, OK. Thanks for letting me know.

Do you see anything else that is wrong with these patches (apart from
"//deleted")?

-- Â . ..: Lucian -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.

This message: [ Message body ]
Next message: Stephen Smalley: "Re: [PATCH 2/2] RFC: selinux: sysctl: fix selinux labeling broken by last patch"
Previous message: Stephen Smalley: "Re: Tiny version of SE-PostgreSQL got merged"
In reply to: Stephen Smalley: "Re: [PATCH 2/2] RFC: selinux: sysctl: fix selinux labeling broken by last patch"
Next in thread: Stephen Smalley: "Re: [PATCH 2/2] RFC: selinux: sysctl: fix selinux labeling broken by last patch"
Reply: Stephen Smalley: "Re: [PATCH 2/2] RFC: selinux: sysctl: fix selinux labeling broken by last patch"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]