On 04/24/2018 11:22 AM, David Howells wrote:
> Stephen Smalley wrote:
>
>> Neither fsopen() nor fscontext_fs_write() appear to perform any kind of
>> up-front permission checking (DAC or MAC), although some security hooks may
>> be ultimately called to allocate structures,
Stephen Smalley wrote:
> Neither fsopen() nor fscontext_fs_write() appear to perform any kind of
> up-front permission checking (DAC or MAC), although some security hooks may
> be ultimately called to allocate structures, parse security options, etc.
> Is there a reason not
On 04/20/2018 11:35 AM, David Howells wrote:
> Paul Moore wrote:
>
>> Adding the SELinux mailing list to the CC line; in the future please
>> include the SELinux mailing list on patches like this. It would also
>> be very helpful to include "selinux" somewhere in the
Paul Moore wrote:
> Adding the SELinux mailing list to the CC line; in the future please
> include the SELinux mailing list on patches like this. It would also
> be very helpful to include "selinux" somewhere in the subject line
> when the patch is predominately SELinux
On Thu, Apr 19, 2018 at 9:31 AM, David Howells wrote:
> Add LSM hooks for use by the filesystem context code. This includes:
>
> (1) Hooks to handle allocation, duplication and freeing of the security
> record attached to a filesystem context.
>
> (2) A hook to snoop