On Thu, 2006-08-10 at 09:54 -0400, Stephen Smalley wrote:
> Now, as far as preserving fscreate across execve goes, doing that in the
> case where there is no change in the current context of the task is
> conceivable (so no implications for letting the caller influence the
> program), although it would be a change in behavior that has been
> present for quite some time (and seems rather late to make it into e.g.
> RHEL5 or FC6). I have no strong opinion on that, but it could introduce
> unexpected behaviors; some programs today might be setting fscreate and
> exec'ing helpers while not expecting the helpers to pick up that
> fscreate context.

What about dynamic domain transitions? E.g.:

task_A = *:foo_t
task_A calls setfscreatecon(*:bad_t)
fork() = task_B
task_B = *:foo_t
task_B calls setcon(*:bar_t)
task_B creates file

--
James Antill