Le 16/04/2015 09:02, James Morris a écrit :
On Thu, 16 Apr 2015, Herbert Xu wrote:
[snip]
PS I used the wrong email for James the first time around. So
let me repeat the question here. Should secmark be preserved
or cleared across tunnels within the same name space? In fact,
do our security models even support name spaces?
They don't support namespaces, and maintaining the label is critical for
SELinux, at least, which mediates security for the system as a whole.
Herbert, could you send a v4 of your patch with the secmark included?
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
