[redhat-lspp] [PATCH 1/3] Re: MLS enforcing PTYs, sshd, and newrole
James Antill
james.antill at redhat.com
Mon Oct 30 20:03:51 UTC 2006
On Fri, 2006-10-27 at 14:38 -0400, Stephen Smalley wrote:
> Look at Darrel's patch for mcstransd to apply a permission check between
> the level of the caller and the level being translated for context
> translations.
Thanks to much discussion with Dan and Stephen, I'm pretty sure I have
this correct now.
Here is the libselinux part of the patch (reference policy and PAM are
next).
--
James Antill - <james.antill at redhat.com>
setsockopt(fd, IPPROTO_TCP, TCP_CONGESTION, ...);
setsockopt(fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, ...);
setsockopt(fd, SOL_SOCKET, SO_ATTACH_FILTER, ...);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: selinux-pam-range-checking.patch
Type: text/x-patch
Size: 991 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061030/72cfc9fa/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/redhat-lspp/attachments/20061030/72cfc9fa/attachment.sig>
More information about the redhat-lspp
mailing list