Re: SELinux support in Libc

From: Stephen Smalley <stephen.smalley_at_nospam>
Date: Thu May 27 2010 - 00:40:41 GMT
To: Shaz <shazalive@gmail.com>

On Wed, May 26, 2010 at 3:05 AM, Shaz <shazalive@gmail.com> wrote:
> Dear all,
>
> I was building eglibc and saw selinux support flag in it's configure script.
> Any idea what this is used for. Some hints and pointers needed.
>
> SELinux works for me without this support as far as I understand but need to
> get all the goodies that are available. Couln't find anything with a bit of
> googling!

The nscd was instrumented as a userspace object manager a long time
ago at the request of its maintainers. The original motivation was
when it introduced support for exporting direct access to the mapped
database files to the clients, but general access controls were added
for all of its services at the time. See the class ncsd definitions
in the access_vectors file and the nscd.if and nscd.te policy files.

-- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.

This message: [ Message body ]
Next message: Stephen Smalley: "Re: install giving the wrong label"
Previous message: Justin P. Mattock: "Re: SELinux support in Libc"
In reply to: Shaz: "SELinux support in Libc"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]