[PATCH 08/37] Security: Add a kernel_service object class to SELinux

2008-02-20 Thread David Howells
Add a 'kernel_service' object class to SELinux and give this object class two access vectors: 'use_as_override' and 'create_files_as'. The first vector is used to grant a process the right to nominate an alternate process security ID for the kernel to use as an override for the SELinux subjective

Re: [PATCH 08/37] Security: Add a kernel_service object class to SELinux

2008-02-11 Thread James Morris
On Fri, 8 Feb 2008, David Howells wrote: > +++ b/security/selinux/include/flask.h > @@ -51,6 +51,7 @@ > #define SECCLASS_DCCP_SOCKET 60 > #define SECCLASS_MEMPROTECT 61 > #define SECCLASS_PEER68 > +#def

[PATCH 08/37] Security: Add a kernel_service object class to SELinux

2008-02-08 Thread David Howells
Add a 'kernel_service' object class to SELinux and give this object class two access vectors: 'use_as_override' and 'create_files_as'. The first vector is used to grant a process the right to nominate an alternate process security ID for the kernel to use as an override for the SELinux subjective