[redhat-lspp] Re: [PATCH 0/1] selinux: secid reconciliation fixes V01: Intro
Paul Moore
paul.moore at hp.com
Mon Oct 9 16:27:48 UTC 2006
Paul Moore wrote:
> Venkat Yekkirala wrote:
>>Paul, if you could respin your patchset relative to this one I would
>>appreciate it. While doing so, can you look for NetLabel only when
>>there's no xfrm label on a packet, since we now know that using both
>>is redundant? This way we don't have to worry about NetLabel code
>>bugs/side effects when someone is using just xfrm. Thanks.
>
> As far as I can tell there are no problems with the latest NetLabel/secid patch
> when layered on top of the secid patches. There was a lot of testing and debate
> on this last Friday but it turned out to be a problem with the secid patch not
> clearing the secmark on exit as well as some confusion around policy and
> multicast traffic. All of the NetLabel bugs from the past month or two have
> only occurred on communication channels when NetLabel was in use - there was
> some thought that the recent Bluetooth bug was NetLabel related but it wasn't,
> it was a fault with the MLSXFRM patchset.
>
> If there is some issue I'm not aware of send me some mail or give me a call
> (XXX-XXX-XXXX) and we can work it out.
Please disregard the phone number I send out earlier, it was the wrong number -
if you need to get ahold of me please call me at 603-884-5056.
--
paul moore
linux security @ hp
More information about the redhat-lspp
mailing list