On Wed, 2013-05-08 at 11:16 +0000, Reshetova, Elena wrote: > The functionality and reasoning is inside. I will be happy to answer > any questions.
Why is this different from how SELinux works? There from what I can see there's a centralized API to look up the expected label for a given filename (selabel_lookup_raw), and then set the target label for newly created files in the current thread (setfscreatecon). That way we're ensuring the file is created atomically with that label. So why is is SMACK different here, and could it fit into what already exists in src/shared/label.c ? _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
