selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: access decision API

Re: access decision API

From: Stephen Smalley <sds_at_nospam>
Date: Wed Jan 27 2010 - 18:33:16 GMT
To: michel m <michel.mcgregor@gmail.com>


On Wed, 2010-01-27 at 18:10 +0330, michel m wrote:
> thanks for guidance, but here I am with a question. what should be
> used as object class in avc_has_perm(3) when using it for
> inter-object. is there any sample for inter-object access decision?
> can it be null?
>
> on the other hand, access decision taken by avc_has_perm(), does it
> include MLS too?

Yes, the avc_has_perm() or security_compute_av() decision takes into account all policy models implemented within the security server, including RBAC, TE, and MLS. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.