Re: bounds domain

On Tue, 2009-10-20 at 19:55 +0330, michel m wrote:
> thanks for your guidance,
> if we turn our attention into Java virtual machine(JVM), I want to
> have an access control on conceptual java threads that are
> encapsulated inside jvm, so I need to know which kernel managed
> process, these threads are mapped to. Is there such a mapping at all?
> if yes, how is it?
>
> I am going to manage java objects and java threads access to these
> objects. If I want to use setcon() API by JNI, I don`t know what will
> be labeled? Does a kernel thread get labeled or jvm process will be
> labeled?

Doesn't really make sense to do that in Java without Isolates (JSR 121).

setcon(3) acts on the current kernel thread only. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.

• This message: [ Message body ]
• Next message: Eamon Walsh: "[PATCH] pkgconfig support for libsepol, libselinux, and libsemanage"
• Previous message: michel m: "Re: bounds domain"
• In reply to: michel m: "Re: bounds domain"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]