Re: SELinux and ReiserFS

On Mon, 5 Apr 2004, Pete Chown wrote:

> James Morris wrote:
> > > I hope this patch will make it into FC2.
> > It won't unless Hans accepts the patch upstream.
> Would you accept a patch against the kernel spec file and SRPM contents? 
>   In other words, if I make it easy for you, will it go in?  Or is it 
> more problematic than this, for example that the patch won't apply 
> cleanly to the RedHat kernel?

No.  The patch must be acceptable upstream, in the mainline kernel.

> > You can probably solve this with a context mount, as you won't need 
> > reiserfs for the entire box.
> I don't know that I'd be too keen on having part of the filesystem 
> unlabelled.  Presumably anyone who gets root has full control over any 
> unlabelled files regardless of their SELinux credentials?

It is labeled at the kernel level (like genfs mounts), SELinux controls
work normally, and root cannot do anything special that could not be done
with an xattr filesystem.

- James
James Morris
<jmorris redhat com>

