selinux January 2010 archive
Main Archive Page > Month Archives  > selinux archives
selinux: Re: access decision API

Re: access decision API

From: Stephen Smalley <sds_at_nospam>
Date: Wed Jan 27 2010 - 18:33:16 GMT
To: michel m <>

On Wed, 2010-01-27 at 18:10 +0330, michel m wrote:
> thanks for guidance, but here I am with a question. what should be
> used as object class in avc_has_perm(3) when using it for
> inter-object. is there any sample for inter-object access decision?
> can it be null?
> on the other hand, access decision taken by avc_has_perm(), does it
> include MLS too?

Yes, the avc_has_perm() or security_compute_av() decision takes into account all policy models implemented within the security server, including RBAC, TE, and MLS. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to with the words "unsubscribe selinux" without quotes as the message.