From mboxrd@z Thu Jan 1 00:00:00 1970 Subject: Re: [PATCH] repost: new sockcreate interface to specify context of socket when they are created From: "Christopher J. PeBenito" To: Stephen Smalley Cc: Eric Paris , selinux@tycho.nsa.gov, kmacmillan@tresys.com, jmorris@namei.org, Michael LeMay In-Reply-To: <1150919411.27531.89.camel@moss-spartans.epoch.ncsc.mil> References: <1150902506.27852.35.camel@localhost.localdomain> <1150905799.27531.33.camel@moss-spartans.epoch.ncsc.mil> <1150919192.18657.164.camel@sgc> <1150919411.27531.89.camel@moss-spartans.epoch.ncsc.mil> Content-Type: text/plain Date: Wed, 21 Jun 2006 16:23:00 -0400 Message-Id: <1150921381.18657.170.camel@sgc> Mime-Version: 1.0 Sender: owner-selinux@tycho.nsa.gov List-Id: selinux@tycho.nsa.gov On Wed, 2006-06-21 at 15:50 -0400, Stephen Smalley wrote: > On Wed, 2006-06-21 at 15:46 -0400, Christopher J. PeBenito wrote: > > On Wed, 2006-06-21 at 12:03 -0400, Stephen Smalley wrote: > > > On Wed, 2006-06-21 at 11:08 -0400, Eric Paris wrote: > > > > Below is a patch to add a new /proc/self/attr/sockcreate > > [cut] > > > /proc/self/attr/keycreate is in -mm, so this patch won't apply relative > > > to it. Permission definition also has to be regenerated relative to the > > > keycreate refpolicy patch, as that took the same permission slot. > > > > I'm going to need a patch for refpolicy that has the the final ordering > > of permissions with key and sockcreate patches. I haven't added the key > > class at all yet since I have been waiting for the perm set to finalize. > > Apply the key+keycreate patch first. sockcreate refpolicy patch has to > be re-based and re-submitted, but the kernel patch has already been > re-based and submitted. Is the one from June 2nd the right one ([PATCH] refpolicy: Kernel access key retention policy support) to start, and then the one from yesterday that has setkeycreate? -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.