[redhat-lspp] Re: [PATCH] libselinux MLS range context contains for PAM/cron
Stephen Smalley
sds at tycho.nsa.gov
Thu Nov 9 15:37:31 UTC 2006
On Tue, 2006-11-07 at 16:57 -0500, James Antill wrote:
> Here is the libselinux changes needed to do the security context
> contains checks for PAM and cron.
Index: libselinux/include/selinux/av_permissions.h
===================================================================
--- libselinux/include/selinux/av_permissions.h (revision 2076)
+++ libselinux/include/selinux/av_permissions.h (working copy)
@@ -896,3 +896,4 @@
#define KEY__SETATTR 0x00000020UL
#define KEY__CREATE 0x00000040UL
#define CONTEXT__TRANSLATE 0x00000001UL
+#define CONTEXT__CONTAINS 0x00000002UL
Index: libselinux/src/av_perm_to_string.h
===================================================================
--- libselinux/src/av_perm_to_string.h (revision 2076)
+++ libselinux/src/av_perm_to_string.h (working copy)
@@ -266,3 +266,4 @@
S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
S_(SECCLASS_KEY, KEY__CREATE, "create")
S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
This patch is obviously fine as long as the corresponding policy patch is accepted.
Acked-by: Stephen Smalley <sds at tycho.nsa.gov>
--
Stephen Smalley
National Security Agency
More information about the redhat-lspp
mailing list