> >
> > If I understand correctly, the goal here is to avoid the lookup from
> > pid to context. If we somehow Had the context or a token to a context
> > during the ipc transaction to userspace, we could just use that In
> > computing the access decision. If that is correct, then since we have
>
> Subject: Re: Exposing secid to secctx mapping to user-space
>
> On 12/13/2015 2:06 PM, Paul Moore wrote:
> > On Friday, December 11, 2015 05:14:38 PM Stephen Smalley wrote:
> >> Perhaps we could provide a new fixed-size tokenized version of the
> >> security context string for export to userspa
> -Original Message-
> From: owner-linux-security-mod...@vger.kernel.org [mailto:owner-linux-
> security-mod...@vger.kernel.org] On Behalf Of Paul Moore
> Sent: Friday, December 11, 2015 11:55 AM
> To: Daniel Cashman
> Cc: seli...@tycho.nsa.gov; Stephen Smalley ; Eric Paris
> ; James Mor