Add a 'kernel_service' object class to SELinux and give this object class two
access vectors: 'use_as_override' and 'create_files_as'.
The first vector is used to grant a process the right to nominate an alternate
process security ID for the kernel to use as an override for the SELinux
subjective
On Fri, 8 Feb 2008, David Howells wrote:
> +++ b/security/selinux/include/flask.h
> @@ -51,6 +51,7 @@
> #define SECCLASS_DCCP_SOCKET 60
> #define SECCLASS_MEMPROTECT 61
> #define SECCLASS_PEER68
> +#def
Add a 'kernel_service' object class to SELinux and give this object class two
access vectors: 'use_as_override' and 'create_files_as'.
The first vector is used to grant a process the right to nominate an alternate
process security ID for the kernel to use as an override for the SELinux
subjective
3 matches
Mail list logo